Here's a thought: if all classified data is
encrypted as it is stored (see for example
the program "Mobile Account Manager") then
you don't -have- to wipe the RAM as long as
you can ensure that the encryption key is
removed. Any remaining data you could find
by poking around in RAM would be useless
without the key.
--
-Richard M. Hartman
[EMAIL PROTECTED]
186,000 mi./sec ... not just a good idea, it's the LAW!
> -----Original Message-----
> From: David Tribble [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, March 10, 1999 4:01 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: Slicking Memory on a Palm III
>
>
> From Richard Hartman:
>
> > How's this then: don't leave the Pilot, but leave the memory board.
>
> Most of our users will be on Palm III or better. And I don't
> think the person buying into this would appreciate having the
> price jacked up for duplicate memory boards.
>
> > If they're that stiff on security, I don't know that they'd
> believe than any ram-wipe app really wiped the ram anyway...
>
> True. NSA is the authority for this stuff (de-classifying
> machines), but we're investigating for ourselves.
>
> From Tom Zerucha:
>
> >> Who do I ask to find out what RAM does when it's unpowered?
> >
> > It reverts to a random state, though dynamic memory might be all
> > zeros or ones since there will be no charge on the bits. But that
> > does not guarantee that the data won't be recoverable:
> > http://www.cs.auckland.ac.nz/~pgut001/secure_del.html
>
> Wow... that is good information. Thanks Tom. Unfortunately
> I don't have any suggestions on the PGP passphrase problem.
>
> Thanks everyone.
>
> trib
> ---------------------------------------------------------------
> David Tribble, INRI Hawaii - [EMAIL PROTECTED]
> 808.625.2118 (v) 808.625.6315 (f)
>
>
>
