[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: BHDC11 - De-anonymizing Live CDs through Physical Memory Analysis
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: BHDC11 - De-anonymizing Live CDs through Physical Memory Analysis
- From: coderman <coderman@xxxxxxxxx>
- Date: Wed, 12 Jan 2011 04:06:05 -0800
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Wed, 12 Jan 2011 07:06:11 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=sg3gmZxCDQ7iJ5rblmnnYpHcEwKJF4Q1NNybJuIWMA0=; b=AkQtOCvPqraiNGob2awg3UF9SFIXRt6Xkx5H/uFI8smBpi0bvCg+EVXJ6tRh2yB+QJ wynupWfNcKtmkJi59iJ7JYbosswbxZqBhETSt1+LMe+aLVVDQy3KdhebERNiQSryjBRR /Z0iIP1qskc/pWHpiqlOrRxeGTqsatdj8ZyLg=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=EhqhHmG/3/OJysi307W2nNMkyfJt7UasrTo1ROytMk7hqN5D7qOFL8vLMKz/ihZO+D ybQb2u1ZXTiKE5PQgnirPxf2/upU54PAc3t9yaoF+2/npCrBO7h1x0zkEFFNdReyM1R2 lEXgfHQY69bFyN+tRj/zwfDWARMS7gq2FEiOw=
- In-reply-to: <85lj2ql6lb.fsf@xxxxxxxx>
- References: <AANLkTikpgLFFWzZw6YYZpxwxGArWM9HDd2zo2v6h9ZWN@xxxxxxxxxxxxxx> <85lj2ql6lb.fsf@xxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Wed, Jan 12, 2011 at 3:11 AM, intrigeri <intrigeri@xxxxxxxx> wrote:
> ...
>> (do Tor Live CDs need a new kexec target for memtest sweeps / ram
>> zeroisation? :)
>
> As far as I understand, this seems like enhancements over the cold
> boot attack, and one more reason why Tor Live CDs should wipe the
> system memory on shutdown. Am I misunderstood?
likely so. however, more than just wipe at shutdown is useful.
explicit ordered zeroisation is handy. (starting with keys and key
schedules, working cipher state, then on to user data, before
completing a full pass or three. this takes a smart kexec or other ham
fisted - still worth the effort.)
synchronous wipe on shutdown in foreground with progress indication. i
argue this necessity on usability basis.
experimental methods like key and state storage in CPU cache lines may
hold promise.
physical rendition of your solid state memory via self-powered
capacitive discharge initiated by big red panic button! (ok, not
really. you get the picture :)
> Most Tor Live CDs (e.g. the good old, now obsolete, Incognito, and its
> spiritual successor T(A)ILS) have been doing this for ages.
yes, i've seen the sleep 10 magic smem trick, and this is one reason
why pre-empting the entire runtime to execute a wipe is useful - there
are no locked devices or blocking operations contending for resources
with the wipe procedure itself.
in any case, this begs the question of best practice in solid state
remanence avoidance. it would make a good FAQ entry, perhaps...
best regards,
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/