Erase memory on shutdown

Erich Dollansky freebsd.ed.lists at sumeritec.com
Mon Aug 6 02:38:13 UTC 2018


Hi,

On Sun, 5 Aug 2018 19:10:07 -0500 (CDT)
"Valeri Galtsev" <galtsev at kicp.uchicago.edu> wrote:

> On Sun, August 5, 2018 6:37 pm, Erich Dollansky wrote:
> > Hi,
> >
> > On Sun, 5 Aug 2018 10:55:22 -0500 (CDT)
> > "Valeri Galtsev" <galtsev at kicp.uchicago.edu> wrote:
> >  
> >> On Sun, August 5, 2018 10:26 am, thor wrote:  
> >> > https://en.wikipedia.org/wiki/Cold_boot_attack
> >> >  
> >>
> >> The trouble is that erasing RAM on clean shutdown does not prevent
> >> the attacker in the attack as above from still successfully
> >> perform the  
> >
> > so, ECC is also here the only possible answer, at least for parts
> > of it.
> >
> > Still, erasing memory when shutting down helps in some cases. I do
> > this on my machines for small parts when a shutdown is detected. It
> > makes at least the most obvious attacks from that side difficult.  
> 
> Please, correct me if I am wrong in the following:
> 
> If the attacker yanks off the power cord, then cold boots off his
> media, your defense/erasure of memory does not protect you against
> this attack. Right? Your defense only helps if the attacker does
> clean shutdown. Right?
> 
What is the difference between 'some cases' and 'all cases'?

If the owner of a machine is not able to stop physical access to a
machine, there will be other ways to attack it. Shutting down a machine
allows a normal owner of the machine to wait at the location as most
owners are not on the run.

Erich


More information about the freebsd-questions mailing list