Re: Protect against cold boot attacks?
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Fred . wrote: > Will > su-c 'sync; echo 3 > /proc/sys/vm/drop_caches' > protect against cold boot attacks? No. Writing to drop_caches releases the memory for subsequent re-use; it doesn't overwrite it, so anything stored in that memory is still susceptible to a cold-boot attack. > Is there anything that will protect against cold boot attacks? Physical security. Other than that, it's a matter of degree. Particularly sensitive information (passwords, encryption keys) should be overwritten by the application once they are no longer required. Larger amounts of application data (i.e. documents) can't really avoid being held in RAM. -- Glynn Clements <glynn@xxxxxxxxxxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html