On 2/26/08 7:39 AM, "Angus Scott-Fleming" <[EMAIL PROTECTED]> wrote:
> On 25 Feb 2008 at 21:45, Ben Scott wrote: > >> Thinking about it, it should be possible (in theory) to have the system >> execute some kind of clearing/sanitization routine upon shutdown, to counter >> even the small window after nominal shutdown this attack needs. Maybe have >> the BIOS/firmware zero all RAM when the ACPI "Power Off" function is invoked, >> before actually powering off. I think you could do that using just CPU >> registers. > > Unmounting a Truecrypt drive does just that -- overwrites the key in RAM. > How does that change in Truecrypt 5.0, now that there's full disk encryption available? >> Still, if somebody does manage to steal a running system (say the >> user is physically assaulted in a cafe), the system would be >> vulnerable to this attack (in theory), which is a big switch from >> conventional thinking. It never ends... > > Discussions on the Truecrypt forums point out that epoxying the RAM in place > and disabling all boot media except the HDD in a passworded BIOS should give > adequate protection against all but the most determined hackers (e.g. the > Feds). > > -- > Angus Scott-Fleming > GeoApps, Tucson, Arizona > 1-520-290-5038 > +-----------------------------------+ -- Salvador Manzo [ 620 W. 35th St - Los Angeles, CA 90089 e. [EMAIL PROTECTED] ] Auxiliary Services IT, Datacenter University of Southern California 818-612-5112 "The secret of happiness is freedom, and the secret of freedom is courage". Pericles' Funeral Oration (431 BC) ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
