On Mon, Feb 25, 2008 at 9:33 PM, Ken Schaefer <[EMAIL PROTECTED]> wrote:
> What I was saying is that if you have sensitive information and are relying
> significantly on disk encryption techniques, then do not keep the keys in
> memory during times when the laptop can be stolen (aka which is most
> likely when you are not using it).

*Ohhhhh*. I get it now. Okay, yah, that makes sense, and would work. Keep the machine under physical control until and unless the machine has been shut down and you're sure the RAM has had time to sanitize, even if it were to be attacked as described in the article.

Thinking about it, it should be possible (in theory) to have the system execute some kind of clearing/sanitization routine upon shutdown, to counter even the small window after nominal shutdown this attack needs. Maybe have the BIOS/firmware zero all RAM when the ACPI "Power Off" function is invoked, before actually powering off. I think you could do that using just CPU registers.

Still, if somebody does manage to steal a running system (say the user is physically assaulted in a cafe), the system would be vulnerable to this attack (in theory), which is a big switch from conventional thinking.

It never ends...

-- Ben
