From owner-freebsd-questions@freebsd.org Fri Aug 10 15:51:19 2018
Subject: Re: Erase memory on shutdown
From: cpghost
To: freebsd-questions@freebsd.org
Date: Fri, 10 Aug 2018 17:51:15 +0200
Message-ID: <28e094e6-d425-7367-4519-0ae72da54901@cordula.ws>
In-Reply-To: <915020aa-65ba-7b8c-8676-40e41dc77c0a@kicp.uchicago.edu>
References: <20180805150241.1E186200349F8E@ary.qy> <4e70e969-14f7-c65d-96d2-dd1610499cd0@irk.ru> <63033.108.68.162.197.1533484522.squirrel@cosmo.uchicago.edu> <915020aa-65ba-7b8c-8676-40e41dc77c0a@kicp.uchicago.edu>
List-Id: User questions <freebsd-questions@freebsd.org>
On 08/10/18 17:24, Valeri Galtsev wrote:
>
>
> On 08/10/18 09:08, cpghost wrote:
>> On 08/05/18 17:55, Valeri Galtsev wrote:
>>> Another route could be encryption of RAM on-the-fly while the system runs, yet
>>> it is questionable where the encryption key itself is kept to be
>>> inaccessible to the attacker in the attack above, and boot of such a system
>>> may require a warm body present.
>>
>> What about SEV?
>>
>> https://developer.amd.com/amd-secure-memory-encryption-sme-amd-secure-encrypted-virtualization-sev/
>> https://github.com/AMDESE/AMDSEV
>
> I personally am an opponent of the other processor in my machine that has
> almighty access to my machine, can access external hosts via the same
> physical network connection, though not controllable by me, the sysadmin of
> the machine (or machine owner). It sounds to me that it is in the same
> general direction as Intel ME.

You're right. Basically, it's all about Trusting Trust[1], all over again,
but now on hardware/firmware. And what's worse: who can audit the crypto,
when done on a closed proprietary hardware design?

But still, if we talk about encrypting memory, hardware assists like these,
where the (ephemeral) keys are kept in some hidden CPU registers that clear
much faster than (cold) DRAM/SRAM, seem like a practical way to make cold
boot attacks harder.

[1] https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

> Out of two bads I choose the lesser bad. Namely: the possibility of attack
> by the bad guy who has physical access to my machine is a lesser bad than
> the possibility of attack through a super-system which I have no way to
> modify, control, or turn off, that runs on another CPU, has control over
> my hardware that runs my system, and my system is a slave to that
> super-system.
>
> Do you think it is your machine? No, it is their machine (whoever they are).
>
> There is one (small?) company that tries to get rid of all proprietary code
> and other means of control, thus giving the owner full possession of his
> hardware ("impregnable" for third parties, be it even the main CPU
> manufacturer):
>
> https://puri.sm/
> https://puri.sm/posts/purism-librem-laptops-completely-disable-intel-management-engine/
>
> They also implement open source coreboot instead of proprietary EFI or
> BIOS. And they do not have in their hardware anything that requires
> binary-only "firmware" or "microcode". So, they use the famous Atheros
> WiFi, but they never use the Intel WiFi, which works great but runs
> proprietary firmware.

Good to know. Thanks for the pointer!

> I'd like to hear if anyone knows about similar efforts by other computer
> manufacturers.
>
> Sorry, this went a bit off the original point (but not quite off of it).
>
> Valeri

-cpghost.
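A practical follow-up to the SME/SEV part of the exchange above, as an added example that is not part of the original message, nor from cpghost, Valeri, or the AMDESE repository linked in the thread: before relying on memory encryption against cold-boot recovery, check what the CPU actually advertises. AMD publishes the capability bits in CPUID leaf 0x8000001F (EAX feature bits, EBX C-bit position and physical-address reduction, ECX/EDX guest ASID limits). The decoder below follows that documented layout; the sample register values are constructed for illustration and are not a capture from real hardware, and the live query is a compile-time guarded `__get_cpuid` call that simply reports "not present" on non-x86 builds and on CPUs whose highest extended leaf is lower (Intel, pre-Zen AMD).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* CPUID leaf 0x8000001F, "Encrypted Memory Capabilities" (AMD APM vol. 3).
 * This only decodes the capability bits; whether SME is actually switched
 * on is decided by firmware/kernel via the SYSCFG MSR, which CPUID does
 * not reflect. */
#define MEM_ENC_LEAF 0x8000001Fu

struct mem_enc_caps {
    bool sme;              /* EAX[0]    Secure Memory Encryption available         */
    bool sev;              /* EAX[1]    Secure Encrypted Virtualization available  */
    bool page_flush_msr;   /* EAX[2]    page flush MSR available                   */
    bool sev_es;           /* EAX[3]    SEV-ES: guest register state encrypted     */
    bool sev_snp;          /* EAX[4]    SEV-SNP: integrity via reverse map table   */
    unsigned c_bit;        /* EBX[5:0]  page-table bit that marks a page encrypted */
    unsigned pa_reduction; /* EBX[11:6] physical address bits lost when enabled    */
    unsigned max_guests;   /* ECX       encrypted guests supported at once         */
    unsigned min_asid;     /* EDX       lowest ASID usable by non-ES guests        */
};

struct mem_enc_caps decode_mem_enc_caps(uint32_t eax, uint32_t ebx,
                                        uint32_t ecx, uint32_t edx)
{
    struct mem_enc_caps c;
    c.sme            = (eax >> 0) & 1u;
    c.sev            = (eax >> 1) & 1u;
    c.page_flush_msr = (eax >> 2) & 1u;
    c.sev_es         = (eax >> 3) & 1u;
    c.sev_snp        = (eax >> 4) & 1u;
    c.c_bit          = ebx & 0x3fu;
    c.pa_reduction   = (ebx >> 6) & 0x3fu;
    c.max_guests     = ecx;
    c.min_asid       = edx;
    return c;
}

/* Ask the CPU we are running on. Returns false on non-x86 builds and on
 * x86 parts whose highest extended leaf is below 0x8000001F; both mean
 * "no SME/SEV here". */
bool query_mem_enc_caps(struct mem_enc_caps *out)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned eax, ebx, ecx, edx;
    if (!__get_cpuid(MEM_ENC_LEAF, &eax, &ebx, &ecx, &edx))
        return false;
    *out = decode_mem_enc_caps(eax, ebx, ecx, edx);
    return true;
#else
    (void)out;
    return false;
#endif
}

void print_mem_enc_caps(const char *label, const struct mem_enc_caps *c)
{
    printf("%s: SME=%d SEV=%d SEV-ES=%d SEV-SNP=%d C-bit=%u PA-reduction=%u "
           "max-guests=%u min-ASID=%u\n",
           label, c->sme, c->sev, c->sev_es, c->sev_snp,
           c->c_bit, c->pa_reduction, c->max_guests, c->min_asid);
}

/* Constructed register values (not captured from real hardware) so the
 * decoder can be exercised on any machine. */
static const uint32_t SAMPLE_EAX = 0x0000001Fu; /* all five feature bits set     */
static const uint32_t SAMPLE_EBX = 0x0000016Fu; /* C-bit 47, 5 address bits lost */
static const uint32_t SAMPLE_ECX = 509u;
static const uint32_t SAMPLE_EDX = 1u;

int main(void)
{
    struct mem_enc_caps sample =
        decode_mem_enc_caps(SAMPLE_EAX, SAMPLE_EBX, SAMPLE_ECX, SAMPLE_EDX);
    print_mem_enc_caps("constructed sample", &sample);

    struct mem_enc_caps live;
    if (query_mem_enc_caps(&live))
        print_mem_enc_caps("this CPU", &live);
    else
        puts("this CPU: CPUID leaf 0x8000001F not present (no SME/SEV)");
    return 0;
}
```

Two caveats worth keeping in mind when reading the output. CPUID says what the silicon can do, not what is in use: SME is turned on by firmware or the kernel through the SYSCFG MSR, and a guest learns whether it is actually running encrypted from the SEV status MSR (0xC0010131); both need ring-0 access, so a userland check like this one is only the first step. And the key itself never leaves the memory controller and the PSP that provisions it, which is exactly the trade-off Valeri describes: the cold-boot resistance comes from firmware you cannot inspect.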