Date:      Mon, 19 Jun 2006 14:35:42 +0200
From:      Dan Lukes <dan@obluda.cz>
To:        freebsd-security@freebsd.org
Subject:   Re: memory pages nulling when releasing
Message-ID:  <44969A1E.2070803@obluda.cz>
In-Reply-To: <86veqxv000.fsf@xps.des.no>
References:  <20060619101133.31660.qmail@web30307.mail.mud.yahoo.com> <86veqxv000.fsf@xps.des.no>

Dag-Erling Smørgrav napsal/wrote, On 06/19/06 13:49:
> I very much doubt it.  DRAM needs to be continuously refreshed, and
> loses its state within milliseconds of losing power.
>
>> At least I saw that in TV (CSI Wanne-Eickel or so), how they read from a
>> overwritten hard disc shreddered with a "laser"...
>
> Umm, first, CSI is fiction; second, unlike DRAM, a hard disk is
> designed to retain information when power is switched off.

	Well, we should not accept fiction serials as a serious source of
information. On the other side, we know nothing about secret services'
secrets. Sometimes, the safer side is to count on that they MAY be able to
do it (regardless of the exact meaning of "they" and "it").

	I know something about not so secret secrets. You need no physical
access to the computer nor active remote access. You need not steal the DRAM.
The computer is a big transmitter of electromagnetic waves which can be
received from a distant place. Analysis of it can not so unimportant part
of the computer's work. As a distant passive method it's almost undetectable.

	Counter-measures against this kind of spying are very expensive - you
need a special isolated server room and a large controlled area with
restricted access around it (even the best isolated room can't shield
the transmission completely).

	I don't dispute about the probability that someone asking this kind of
question on this kind of discussion list has sensitive data of high
value for a secret service (and obtainable by a known technique of
receiving elmg. noise or an unknown technique of reading of unpowered DRAM).

	On the one side, the price of counter-measures should be comparable with
the risk value. Zeroing some memory containing selected sensitive data as
part of free on the application level is a very cheap solution. It's eligible
even in the case the value of the eliminated risk is very low, so we should
not deny it as a technique with no real value ...

						Dan


-- 
Dan Lukes                                   SISAL MFF UK
AKA: dan@obluda.cz, dan@freebsd.cz,dan@kolej.mff.cuni.cz
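
Added example (not part of the message above or of the thread): application-level zeroing before free, as the last paragraph of the message describes, written so the compiler cannot optimize the wipe away. The names secure_wipe, secure_free and nonzero_bytes are hypothetical, and the sample secrets are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Zero n bytes through a volatile pointer so the compiler cannot discard
 * the stores as dead; a plain memset() right before free() may be removed. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

/* Hypothetical wrapper: wipe, then release. The caller supplies the size
 * because free() has no portable way to report it. */
static void secure_free(void *p, size_t n)
{
    if (p == NULL)
        return;
    secure_wipe(p, n);
    free(p);
}

/* Count bytes that are still non-zero; used to verify a wipe. */
static size_t nonzero_bytes(const void *p, size_t n)
{
    const unsigned char *b = (const unsigned char *)p;
    size_t count = 0;
    for (size_t i = 0; i < n; i++)
        count += (b[i] != 0);
    return count;
}

int main(void)
{
    char stack_secret[32] = "constructed-sample-passphrase";
    char *heap_key = malloc(64);
    if (heap_key == NULL)
        return 1;
    strcpy(heap_key, "constructed-sample-key");

    secure_wipe(stack_secret, sizeof stack_secret);
    printf("non-zero bytes left on stack: %zu\n",
           nonzero_bytes(stack_secret, sizeof stack_secret));
    secure_free(heap_key, 64);   /* contents zeroed before release */
    return 0;
}
```

This clears only the copy the application wipes; copies left in other buffers, in swap or in kernel buffers are outside its reach.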



