[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: data remanence

Flash is writable, so can be tampered. The critical secret (the
server's key) is in the ro part. So what good is it?

There are a variety of hardware devices that attempt to address this .. IBM's secure crypto cards (PCI) come to mind -- these are used in a variety of ATMs for example, and store the key in volatile memory, protected against side-channel and physical attack.

Really, guys. If it is protection against governments you want, you
are barking up the wrong tree. Too difficult.

It's fun to try though, and since I'm not doing anything illegal with TOR, I'm only trying to help save other people's bacon.

While you'll never make anything *impossible*, you can make it so bloody difficult and expensive that you'll can tire your advisory.

Remember, the price of freedom is eternal vigilance (Jefferson).