> Also somewhat related, there's been a lot of buzz today regarding some
> interesting work retrieving disk encryption keys from DRAM, even after
> the machine has been powered-down and back on again:
>
> http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
>
> Turns out DRAMs are a lot more persistent than people may have thought.
> --
> Hal Pomeranz, Founder/CEO Deer Run Associates [EMAIL PROTECTED]

And SRAMs are more persistent, despite some folks' speculations to the
contrary. (We saw this sort of thing when designing calculator chips.
That meant we had to have a dedicated circuit and software to deal with
power loss.)

I hope, and expect, Linux to come up with a solution before Windoze and
Mac. We shall see.

Some folks are saying this will be nearly impossible to fix. I don't
think so. We may already have the tools. Of course, it will require
existing security programs to be modified. Painful, but far from
impossible.

Can you register a function to be called when the power supply voltage
is dropping? If so, you can wipe any sensitive variables in your program.

Another solution would be to add a call to the kernel: Allocate super
volatile memory. Then when the kernel detects power loss or shutdown,
wipe that area. Again this requires all security programs to be modified.

I imagine there are better solutions than these. They're just what I
came up with.

--
Allen Brown http://brown.armoredpenguin.com/~abrown
_______________________________________________
EUGLUG mailing list
[email protected]
http://www.euglug.org/mailman/listinfo/euglug
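
A userspace approximation of the two ideas in the reply above, as an added example that is not part of the original message: key memory is pinned with `mlock()` and wiped from a handler for SIGTERM and SIGPWR. All names are hypothetical, and it assumes a Linux system where a power-monitoring daemon delivers SIGPWR to the process.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1
#endif
#include <signal.h>
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>

/* Hypothetical names throughout; constructed for this example. */
static volatile unsigned char *secret;      /* page-aligned key storage */
static size_t secret_len;
static int secret_locked;                   /* 1 if mlock() succeeded */
static volatile sig_atomic_t wiped;

/* Overwrite through a volatile pointer so the stores cannot be optimized
 * away; a plain loop is also safe to run inside a signal handler. */
static void secret_wipe(void)
{
    for (size_t i = 0; i < secret_len; i++)
        secret[i] = 0;
    wiped = 1;
}

static void on_power_event(int sig)
{
    (void)sig;
    secret_wipe();
}

/* Map anonymous memory, try to pin it in RAM (keeps it out of swap), and
 * register the wipe for SIGTERM (normal shutdown) and SIGPWR. */
static int secret_alloc(size_t len)
{
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    secret = p;
    secret_len = len;
    wiped = 0;
    secret_locked = (mlock(p, len) == 0);   /* callers may treat 0 as fatal */

    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_power_event;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGTERM, &sa, NULL);
#ifdef SIGPWR
    sigaction(SIGPWR, &sa, NULL);   /* assumes a monitor delivers SIGPWR */
#endif
    return 0;
}
```

A handler like this runs only on an orderly shutdown or a signalled power event; it does nothing when power is cut without warning.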
