Fred . wrote:
> Will
> su-c 'sync; echo 3 > /proc/sys/vm/drop_caches'
> protect against cold boot attacks?
No. Writing to drop_caches releases the memory for subsequent re-use;
it doesn't overwrite it, so anything stored in that memory is still
susceptible to a cold-boot attack.
> Is there anything that will protect against cold boot attacks?
Physical security.
Other than that, it's a matter of degree. Particularly sensitive
information (passwords, encryption keys) should be overwritten by the
application once they are no longer required. Larger amounts of
application data (i.e. documents) can't really avoid being held in
RAM.
--
Glynn Clements <glynn@xxxxxxxxxxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Linux Newbie]
[Audio]
[Hams]
[Kernel Newbies]
[Util Linux NG]
[Security]
[Netfilter]
[Bugtraq]
[Photo]
[Yosemite Photos]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Linux Device Drivers]
[Samba]
[Video 4 Linux]
[Git]
[Linux Resources]
[Fedora Users]
