Erase memory on shutdown

Valeri Galtsev galtsev at kicp.uchicago.edu
Mon Aug 6 14:59:05 UTC 2018



On 08/06/18 08:43, Polytropon wrote:
> On Sun, 5 Aug 2018 19:10:07 -0500 (CDT), Valeri Galtsev wrote:
>>
>> On Sun, August 5, 2018 6:37 pm, Erich Dollansky wrote:
>>> Hi,
>>>
>>> On Sun, 5 Aug 2018 10:55:22 -0500 (CDT)
>>> "Valeri Galtsev" <galtsev at kicp.uchicago.edu> wrote:
>>>
>>>> On Sun, August 5, 2018 10:26 am, thor wrote:
>>>>> https://en.wikipedia.org/wiki/Cold_boot_attack
>>>>>
>>>>
>>>> The trouble is that erasing RAM on clean shutdown does not prevent the
>>>> attacker in the attack as above from still successfully performing the
>>>
>>> so, ECC is also here the only possible answer, at least for parts of it.
>>>
>>> Still, erasing memory when shutting down helps in some cases. I do this
>>> on my machines for small parts when a shutdown is detected. It makes at
>>> least the most obvious attacks from that side difficult.
>>
>> Please, correct me if I am wrong in the following:
>>
>> If the attacker yanks off the power cord, then cold boots off his media,
>> your defense/erasure of memory does not protect you against this attack.
>> Right? Your defense only helps if the attacker does a clean shutdown. Right?
> 
> Clearing memory at shutdown time won't happen when
> shutdown time doesn't take place. Many cold boot
> attacks rely on surprisingly (!) interrupting the
> power, which implies physical access, and then
> booting from custom media, so even clearing
> memory at startup time doesn't happen.
> 
> All those precautions only work when physical access
> is taken out of consideration.

Yes, my point exactly. Thanks!

Valeri


-- 
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++


More information about the freebsd-questions mailing list