On Wed, 7 Jan 2009 09:39:56 +0800, Roscoe wrote:
>Hey all,
>
>
>This particular attack seems to me to be the most likely way to defeat
>any reasonably well set up dm-crypt scheme.
>
>
>So, I have the following [likely non-original] idea, which is only
>applicable in specific situations.
>
>That is to have a daemon that, upon some event, automatically erases
>all the memory on the machine.
>
>The event could be an SMS, an email, some case alarm, but most likely
>some physical trigger fed into the daemon via a microcontroller
>plugged into USB/serial.
>(The trigger could be a reed switch on a door, a motion sensor,
>pressure gauge, an accelerometer, etc.)
>
>Naturally you would need the computer in question to own a UPS.
>
>Also there would have to be either some kernel patch to add a
>"wipe_all_system_mem()" functionality, or maybe one could leverage
>kexec in some manner.
>
>
>What do you guys think, does this sound reasonable?

It sounds a little like "rm -rf /"; how far it would get in blowing your
filesystem away would depend on various factors (e.g. what it hits first!).

If you're nuking *all* the system's memory, you could end up overwriting
the process which is doing the overwriting/parts of the system which it
requires to operate; unless you're only looking to overwrite the unused
portion of memory, which would be pretty trivial to do, though of
debatable value.

ISTM that the most efficient way of preventing cold boot attacks is to
simply dismount your encrypted volumes on the trigger event.

I haven't looked at the dm-crypt source wrt this - but I'd certainly
*hope* that it carries out some actions to overwrite its keys and other
sensitive material before it frees the memory used off!

-- 
Sarah Dean
FreeOTFE site: http://www.FreeOTFE.org/
Personal site: http://www.SDean12.org/

For information on SecureTrayUtil, Shredders, On-The-Fly Encryption
(OTFE) systems, etc, see the URLs above.
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
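Roscoe's trigger daemon and Sarah's "dismount the volumes on the trigger event" put together as one added shell example. This is not code from the dm-crypt project or from either poster. It assumes a hypothetical FIFO (/run/panic-trigger) that a microcontroller bridge writes a line to, plus the stock dmsetup and cryptsetup command-line tools; everything else is parsed from `dmsetup table` and /proc/mounts. Closing a mapping removes the dm-crypt target, and the target destructor zeroes its crypt_config (which holds the key) before freeing it, so the kernel copy of the volume key is gone without any "wipe all memory" kernel patch. The planner is kept side-effect free so it can be checked against captured text without root; the sample table and mounts below are constructed, not taken from a real machine.

```shell
#!/bin/sh
# panic_close.sh - on a trigger event, unmount every filesystem that sits on a
# dm-crypt mapping and close the mapping, so the kernel drops the volume key.
# Added example for this thread, not code from dm-crypt or the posters.
# Hypothetical assumptions: the trigger is one line written to $TRIGGER_FIFO
# (e.g. by a microcontroller bridge) and dmsetup/cryptsetup are installed.
# DRY_RUN=1 prints the commands instead of running them.
set -u

TRIGGER_FIFO="${TRIGGER_FIFO:-/run/panic-trigger}"
DRY_RUN="${DRY_RUN:-0}"

# Execute a command, or just print it when dry-running.
run() {
    if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Names of dm-crypt mappings, parsed from `dmsetup table` lines on stdin
# ("<name>: <start> <length> crypt <cipher> <key> ...").  Other targets
# (linear, striped, ...) are skipped.  The key column is never touched;
# dmsetup masks it with zeros anyway unless --showkeys is given.
crypt_mapping_names() {
    awk -F': ' '$2 ~ /^[0-9]+ [0-9]+ crypt / { print $1 }'
}

# Mount points of /dev/mapper/<name>, deepest first, from /proc/mounts-style
# lines on stdin ("<dev> <mountpoint> <fstype> <opts> <dump> <pass>").
# A reverse C-locale sort puts a nested mount before its parent.
mountpoints_for() {
    awk -v dev="/dev/mapper/$1" '$1 == dev { print $2 }' | LC_ALL=C sort -r
}

# Pure planner: print the teardown sequence for every crypt mapping in the
# dmsetup table text ($1), using the mounts text ($2).  No side effects.
teardown_commands() {
    printf '%s\n' "$1" | crypt_mapping_names | while read -r name; do
        printf '%s\n' "$2" | mountpoints_for "$name" | while read -r mp; do
            printf 'umount %s\n' "$mp"
        done
        printf 'cryptsetup close %s\n' "$name"
    done
}

# Act on the plan.  A busy filesystem is detached lazily.  A mapping that is
# still in use makes `cryptsetup close` fail, and a failure here means the
# key is STILL in RAM, so the caller must check the return code.
panic_close() {
    failed=0
    sync
    plan=$(teardown_commands "$(dmsetup table --target crypt)" "$(cat /proc/mounts)")
    while read -r cmd a b; do
        case "$cmd" in
            umount)     run umount "$a" || run umount -l "$a" ;;
            cryptsetup) run cryptsetup close "$b" || failed=1 ;;
        esac
    done <<EOF
$plan
EOF
    return $failed
}

# Daemon loop: block on the FIFO; any line written to it is the trigger.
main() {
    [ -p "$TRIGGER_FIFO" ] || mkfifo -m 600 "$TRIGGER_FIFO"
    while :; do
        read -r _line < "$TRIGGER_FIFO" || continue
        panic_close || printf 'panic_close: key material may remain in RAM\n' >&2
    done
}

# Constructed sample input (not captured from a real system) so the planner
# can be exercised without root.
SAMPLE_TABLE='cryptdata: 0 41943040 crypt aes-xts-plain64 0000000000000000000000000000000000000000000000000000000000000000 0 8:17 4096
vg0-swap: 0 8388608 linear 8:2 2048
cryptvault: 0 2097152 crypt aes-cbc-essiv:sha256 0000000000000000000000000000000000000000000000000000000000000000 0 7:0 2048'
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/mapper/cryptdata /srv/data ext4 rw,relatime 0 0
/dev/mapper/cryptdata /srv/data/scratch ext4 rw,relatime 0 0
tmpfs /run tmpfs rw,nosuid 0 0'

case "${1:-}" in
    --daemon) main ;;                                        # real use, as root
    *)        teardown_commands "$SAMPLE_TABLE" "$SAMPLE_MOUNTS" ;;  # show the plan
esac
```

Run with `--daemon` as root to wait on the FIFO; without arguments it only prints the plan for the constructed sample (umount /srv/data/scratch, umount /srv/data, then close cryptdata and cryptvault). Two caveats a practitioner should keep in view: `cryptsetup close` refuses a mapping that still has users, and in that case the key has not left kernel memory, which is why the script's exit status matters; and closing the mapping only removes the key, not the plaintext pages the page cache held for that filesystem, which are freed but not zeroed and remain exposed to the same cold-boot attack until reused or the machine is powered off.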