On Sat, Nov 6, 2010 at 17:36, Vaclav Mocek <little.owl@xxxxxxxx> wrote: > Hi all, > > I have read some articles about the Cold Boot Attacks and I am > wondering whether my Fedora box is protected against such kinds of > attack, at least to some extent. Ok there are several different "cold boot attacks". The one I think you are talking about is the removing memory from the system and reading its contents with a special board. The kernel does not generally provide a defense against that would be encrypting all data in memory. Not sure how feasible it would be... you would also need to make sure the video ram and other somehow supported it. In the end, if someone has physical access to your system, you are not going to be able to completely defend against a cold boot attack. Encrypting the drive and keeping it reasonably secure is about all you can do without having hardware that helps. [Due to the fact that Intel hardware is really still trying to boot an 8088? when it starts up and then become a better computer leaves all kinds of ways for some sort of cold boot attack.] In the end, one would need to a) design the hardware to be more resistant, b) use a cpu/hardware boot sequence that isn't so crufty, and c) still do a good job of keeping the hardware away from the maid. > I work like an Embedded SW/HW Developer and my experience is that data > could remain in the dynamic memory for quite long time, even in the room > temperature. I have used it successfully for debugging, when a booting > routine after the cold reset copies some parts of memory to another > location which could be read lately. > > It would be usefull to overwrite some parts of memory (keys etc.), > before the computer is switched off. So, my question is: Is there > already implemented and used some kind of protection? > > Vaclav M. > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/devel > -- Stephen J Smoogen. "The core skill of innovators is error recovery, not failure avoidance." Randy Nelson, President of Pixar University. "Let us be kind, one to another, for most of us are fighting a hard battle." -- Ian MacLaren -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
