On Sun, Jan 11, 2009 at 11:53 PM, Sarah Dean <sdean12@xxxxxxxxxxx> wrote:
> If you're nuking *all* the system's memory, you could end up
> overwriting the process which is doing the overwriting/parts of the
> system which it requires to operate;

Wiping all RAM, that is indeed the tricky part of this plan. That, I
have no idea how to approach but believe it (possibly out of ignorance
and optimism) to be solvable.
(You wouldn't have to wipe *all* the RAM, if you were sure the parts
you didn't wipe couldn't conceivably contain anything sensitive)

> ISTM that the most efficient way of preventing cold boot attacks is to
> simply dismount your encrypted volumes on the trigger event.

Well, my thoughts are that on a system with mounted encrypted
partitions, the sensitive information we are trying to protect is the
contents of that partition. So, wiping the key is good, but if there's
a buffer in RAM (be it caching file system io, or holding your irssi
conversation) holding all your secrets that didn't get wiped, that's
not so good. Thus I'd like to wipe it all.

--
Roscoe

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/