Cold Boot Attack Utilities Released At HOPE Conference
An anonymous reader writes "Jacob Appelbaum, one of the security researchers who worked on the cold boot attacks to recover encryption keys from memory even after reboot, has announced the release of the complete source code for the utilities at The Last HOPE in New York City. The hope (obligatory pun) is that the release of these tools will help to improve awareness of this attack vector and enable the development of countermeasures and mitigation techniques in both software and hardware. The full research paper (PDF) is also available."
because the fix would have to be in-hardware (Score:5, Informative)
and not just the machine hardware, but rather the RAM stick itself.
Essentially the exploit relies on data that is in RAM to still exist, even if it's just for a few seconds, if you take it out of the machine.
You could add a 'write random crap to RAM' thing to your shutdown procedure, but that won't help if they simply power the machine off.
The machine hardware could write random crap to RAM when it is powered down, but that won't help if they simply yank the RAM stick out while the machine is still running.
So the RAM stick itself would have to detect that it is no longer connected to any motherboard and, using a charge kept in a capacitor, for example, flash itself with random crap.. or whatever.
Keep in mind that this 'exploit' is quite difficult to execute, requiring not just physical access to the machine - but to the RAM. While the machine is running (or was running within the last N seconds, at least). In the vast majority of environments, that's going to be extremely difficult.. unless you own (or operate) that machine and you have no particular way of being caught.
Re:Memory wiper? (Score:5, Informative)
You cool the chips down in the running computer with a spray duster, pull them out, and put them in a computer that you control.
No software solution can be used to stop you doing this, it has to be a hardware based solution.
Re:because the fix would have to be in-hardware (Score:3, Informative)
But then you'd have to input your passphrase each time you open a bloody file. Well, if there are only a few very important files, it's acceptable.
Re:Tamper proof case, anyone? **MOD PARENT DOWN** (Score:1, Informative)
The parent poster to this post shouldn't be marked as insightful as the poster hasn't got a single clue what they are talking about. Quote: "thermite goes off, and boom just a molten blob of goo."
Goes off? Boom?!? WTF?!? The poster obviously hasn't even got a basic clue what they are talking about. Indeed, to quote Wikipedia at a basic level: "....It is not explosive, but can create short bursts of extremely high temperatures focused on a very small target for a short period of time...."
Hence why Thermite is used to do things such as weld metals such as railway lines together rather than an explosive which strangely has the opposite effect. It also doesn't just go off either!