These questions first require an understanding of RAM and how it
functions in any computer. That said, the short answers to your two
questions is no, except that recently some researchers have found it
possible to freeze RAM shortly after a machine was turned off-- within
seconds-- and thereby preserve it's state and so then retrieve data from
it. This is not a procedure most of us could carry out. And then
whether the password still is (or ever was) in RAM is another question.
Having written a little code in my time, I would sincerely guess not;
limiting a variable's scope and even overwriting the value of a variable
are too easy and here obvious *not* to do. A better answer than mine,
however, would be found by examining the code.
hth,
ken
--
War is a failure of the imagination.
--William Blake
On 09/26/2011 10:34 PM Eduardo Schultze wrote:
Hello,
I'm a Security Information student at Unisinos College, Brazil. As a
paper during this semester it was me and my colleagues choice to write a
paper about LUKS on Ubuntu 10.4.
My question is - Is it possible to retrieve the passphrase from RAM
memory after a successful authentication and shutdown? Is this case we
would turn the system on, authenticate, turn off, and then check if the
passphrase would still be in the RAM memory even with the turned off
computer.
If not, would it be possible to dump the RAM memory and retrieve the
passphrase (now with the system turned on)?
I looked for these answers at the FAQ section but couldn't find it.
Thanks in advance,
Eduardo Schultze.
------------------------------------------------------------------------
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
