From: thor
To: freebsd-questions@freebsd.org
Subject: Re: Erase memory on shutdown
Date: Mon, 6 Aug 2018 09:52:01 +0800

For any level of physical protection there is an adversary that could breach it. So the first stage of protection is the physical one, the second is the breach detection that initiates a clean shutdown. The problem is to erase everything on this shutdown. Or maybe I should start a reboot that hangs on "Enter passphrase for /dev/ada0p3.eli" and erases the memory in the process?

On 08/06/18 08:10, Valeri Galtsev wrote:
>
> Please, correct me if I am wrong in the following:
>
> If the attacker yanks off the power cord, then cold boots off his media,
> your defense/erasure of memory does not protect you against this attack.
> Right? Your defense only helps if the attacker does a clean shutdown. Right?
>