Re: BHDC11 - De-anonymizing Live CDs through Physical Memory Analysis
Hi,
intrigeri wrote (13 Jan 2011 11:37:51 GMT) :
>> explicit ordered zeroisation is handy. (starting with keys and key
>> schedules, working cipher state, then on to user data, before
>> completing a full pass or three. this takes a smart kexec or other
>> ham fisted - still worth the effort.)
> The kexec idea seems brilliant to me: this is the best way I can
> think of to run the memory wipe process inside an environment where
> almost all of the memory is considered as being free.
> I have thus started implementing this idea in T(A)ILS. Thanks to
> Debian's initramfs-tools and kexec-tools, drafting an early
> prototype was quite easy. Stay tuned, more to come soon.
Now implemented in T(A)ILS "devel" Git branch (this email will
probably reach the list before I am able to push a few bugfixes and
polishing commits to the online repository, though => reviewers: you
are obviously welcome but please wait until you can fetch
14d9d824..8163695d).
Next steps are (help is warmly welcome):
  - test this code on bare metal (not done yet :/)
  - move this code into a new Debian package that would not depend on
    T(A)ILS at all; doing so would offer protection against memory
    recovery attacks to non-Live (GNU/Linux) systems users. I had this
    future step in mind while implementing this feature in T(A)ILS, so
    this should not be too hard a thing to do.
  - make the kexec-tools Debian package's initscripts' behavior
    customizable enough so that we have less code to maintain
    ourselves.
Bye,
--
  intrigeri <intrigeri@xxxxxxxx>
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
  | Every now and then I get a little bit restless
  | and I dream of something wild.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/