Re: Fedora - Cold Boot Attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Nov 6, 2010 at 17:36, Vaclav Mocek <little.owl@xxxxxxxx> wrote:
> Hi all,
>
> I have read some articles about the Cold Boot Attacks and I am
> wondering  whether my Fedora box is protected against such kinds of
> attack, at least to some extent.

Ok there are several different "cold boot attacks". The one  I think
you are talking about is the removing memory from the system and
reading its contents with a special board. The kernel does not
generally provide a defense against that would be encrypting all data
in memory. Not sure how feasible it would be... you would also need to
make sure the video ram and other somehow supported it.

In the end, if someone has physical access to your system, you are not
going to be able to completely defend against a cold boot attack.
Encrypting the drive and keeping it reasonably secure is about all you
can do without having hardware that helps. [Due to the fact that Intel
hardware is really still trying to boot an 8088? when it starts up and
then become a better computer leaves all kinds of ways for some sort
of cold boot attack.] In the end, one would need to a) design the
hardware to be more resistant, b) use a cpu/hardware boot sequence
that isn't so crufty, and c) still do a good job of keeping the
hardware away from the maid.


> I work like an Embedded SW/HW Developer and my experience is that data
> could remain in the dynamic memory for quite long time, even in the room
> temperature. I have used it successfully for debugging, when a booting
> routine after the cold reset copies some parts of memory to another
> location which could be read lately.
>
> It would be usefull to overwrite some parts of memory (keys etc.),
> before the computer is switched off. So, my question is: Is there
> already implemented and used some kind of protection?
>
> Vaclav M.
> --
> devel mailing list
> devel@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/devel
>



-- 
Stephen J Smoogen.
"The core skill of innovators is error recovery, not failure avoidance."
Randy Nelson, President of Pixar University.
"Let us be kind, one to another, for most of us are fighting a hard
battle." -- Ian MacLaren
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux