From owner-freebsd-security@FreeBSD.ORG Mon Jun 19 12:35:47 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6246116A474 for ; Mon, 19 Jun 2006 12:35:47 +0000 (UTC) (envelope-from dan@obluda.cz) Received: from smtp1.kolej.mff.cuni.cz (smtp1.kolej.mff.cuni.cz [195.113.24.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id ADE3543D6D for ; Mon, 19 Jun 2006 12:35:45 +0000 (GMT) (envelope-from dan@obluda.cz) X-Envelope-From: dan@obluda.cz Received: from [10.20.0.26] (openvpn.ms.mff.cuni.cz [195.113.20.87]) by smtp1.kolej.mff.cuni.cz (8.13.1/8.13.1) with ESMTP id k5JCa1aO032551 for ; Mon, 19 Jun 2006 14:36:02 +0200 (CEST) (envelope-from dan@obluda.cz) Message-ID: <44969A1E.2070803@obluda.cz> Date: Mon, 19 Jun 2006 14:35:42 +0200 From: Dan Lukes User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.0.4) Gecko/20060605 SeaMonkey/1.0.2 MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <20060619101133.31660.qmail@web30307.mail.mud.yahoo.com> <86veqxv000.fsf@xps.des.no> In-Reply-To: <86veqxv000.fsf@xps.des.no> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Subject: Re: memory pages nulling when releasing X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2006 12:35:47 -0000 Dag-Erling Sm=F8rgrav napsal/wrote, On 06/19/06 13:49: > I very much doubt it. DRAM needs to be continuously refreshed, and > loses its state within milliseconds of losing power. >=20 >> At least I saw that in TV (CSI Wanne-Eickel or so), how they read from= a >> overwritten hard disc shreddered with a "laser"... >=20 > Umm, first, CSI is fiction; second, unlike DRAM, a hard disk is > designed to retain information when power is switched off. Well, we should not accept fiction serials as serious source of=20 information. On the other side, we know nothing about secret services=20 secrets. Sometime, the more safe side is count that they MAY be able to=20 do it (despite of exact meaning of "they" and "it"). I know something about not so secret secrets. You need no physical=20 access to computer nor active remote access. You need no steal the DRAM. = The computer is big transmitter of electromagnetic waves which can be=20 received from distant place. Analysis of it can not so unimportant part=20 of the computers work. As distant passive method it's almost undetectable= =2E Counter-measures against this kind of spying is very expensive - you=20 need special isolated server room and large controlled area with=20 restricted access around it (even the best isolated room can't shield=20 the transmission completely). I don't dispute about probability that someone asking this kind of=20 question in this kind of discussion list has sensitive data of high=20 value for a secret service (and obtainable by know technique of=20 receiving elmg. noise or unknown technique of reading of upowered DRAM). On the one side, price of counter measures should be comparable with=20 risk value. Zeroing some memory containing selected sensitive data as=20 part of free on application level is very cheap solution. It's eligible=20 even in the case the value of eliminated risk is very low, so we should=20 not deny it as technique with no real value ... Dan --=20 Dan Lukes SISAL MFF UK AKA: dan@obluda.cz, dan@freebsd.cz,dan@kolej.mff.cuni.cz