Re: regarding the cold-boot attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Not entirely.  When I originally read about the cold boot attack, the
articles I was reading put it into the context of "even if you turn off
your computer, someone could come along several minutes later and retrieve
encryption keys from your RAM (oh noes!)".  I grasp the other issue of
someone power-cycling a computer while loop devices are mounted (or gpg
keys in memory, or whatever you like) :)

But thank you, now I'm on the same page.

--Nicholas

On Sun, January 4, 2009 8:56 pm, Anders Andersson wrote:
> Well, you missed checking what "cold boot" means, for example. Quoting
from Wikipedia:
>
> "A hard reboot (also known as a cold reboot, cold boot or cold start) is
when power to a computer is cycled (turned off and then on) or a special
reset signal to the processor is triggered (from a front panel switch of
some sort). This restarts the computer without first
> performing any shut-down procedure."
>
> The last sentence is what's important here.
>
> Kind regards,
> Anders
>
>
> On Sun, Jan 4, 2009 at 8:08 PM, Nicholas <nicholas@xxxxxx> wrote:
>> Regarding the Cold Boot attack, it occurred to me that all you would have
>> to do to defeat it is rig the linux kernel (or whatever OS you're
using) to just fill the memory with 0's before shutting down completely
(assuming
>> a soft shutdown is possible).  I'm not a computer programmer, but I would
>> imagine this would solve any problems with keys remaining in memory. 
Is this a viable option?  Or perhaps I'm missing something?
>>
>> --Nicholas
>snip!<




-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]