Date: Mon, 6 Aug 2018 10:36:19 +0800
From: Erich Dollansky <freebsd.ed.lists@sumeritec.com>
To: "Valeri Galtsev" <galtsev@kicp.uchicago.edu>
Cc: "John Levine" <johnl@iecc.com>, freebsd-questions@freebsd.org, "thor" <thor@irk.ru>
Subject: Re: Erase memory on shutdown
Message-ID: <20180806103619.3c8b4cf0.freebsd.ed.lists@sumeritec.com>
In-Reply-To: <57043.108.68.162.197.1533514207.squirrel@cosmo.uchicago.edu>
References: <20180805150241.1E186200349F8E@ary.qy>
 <4e70e969-14f7-c65d-96d2-dd1610499cd0@irk.ru>
 <63033.108.68.162.197.1533484522.squirrel@cosmo.uchicago.edu>
 <20180806073738.6f459398.freebsd.ed.lists@sumeritec.com>
 <57043.108.68.162.197.1533514207.squirrel@cosmo.uchicago.edu>
Hi,

On Sun, 5 Aug 2018 19:10:07 -0500 (CDT)
"Valeri Galtsev" <galtsev@kicp.uchicago.edu> wrote:

> On Sun, August 5, 2018 6:37 pm, Erich Dollansky wrote:
> > Hi,
> >
> > On Sun, 5 Aug 2018 10:55:22 -0500 (CDT)
> > "Valeri Galtsev" <galtsev@kicp.uchicago.edu> wrote:
> >
> >> On Sun, August 5, 2018 10:26 am, thor wrote:
> >> > https://en.wikipedia.org/wiki/Cold_boot_attack
> >> >
> >>
> >> The trouble is that erasing RAM on clean shutdown does not prevent
> >> the attacker in the attack as above from still successfully
> >> perform the
> >
> > so, ECC is also here the only possible answer, at least for parts
> > of it.
> >
> > Still, erasing memory when shutting down helps in some cases. I do
> > this on my machines for small parts when a shutdown is detected. It
> > makes at least the most obvious attacks from that side difficult.
>
> Please, correct me if I am wrong in the following:
>
> If the attacker yanks off the power cord, then cold boots off his
> media, your defense/erasure of memory does not protect you against
> this attack. Right? Your defense only helps if the attacker does
> clean shutdown. Right?
>
what is the difference between 'some cases' and 'all cases'?

If the owner of a machine is not able to stop physical access to a
machine, there will be other ways to attack it. Shutting down a machine
allows a normal owner of the machine to wait at the location as most
owners are not on the run.

Erich
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180806103619.3c8b4cf0.freebsd.ed.lists>