From mboxrd@z Thu Jan 1 00:00:00 1970
From: Glynn Clements
Subject: Re: Protect against cold boot attacks?
Date: Thu, 24 Nov 2011 20:45:20 +0000
Message-ID: <20174.44256.195550.595437@cerise.gclements.plus.com>
References:
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path:
In-Reply-To:
Sender: linux-admin-owner@vger.kernel.org
List-ID:
Content-Type: text/plain; charset="us-ascii"
To: "Fred ."
Cc: linux-admin@vger.kernel.org

Fred . wrote:

> Will
> su -c 'sync; echo 3 > /proc/sys/vm/drop_caches'
> protect against cold boot attacks?

No. Writing to drop_caches releases the memory for subsequent re-use;
it doesn't overwrite it, so anything stored in that memory is still
susceptible to a cold-boot attack.

> Is there anything that will protect against cold boot attacks?

Physical security.

Other than that, it's a matter of degree. Particularly sensitive
information (passwords, encryption keys) should be overwritten by the
application once they are no longer required. Larger amounts of
application data (i.e. documents) can't really avoid being held in
RAM.

-- 
Glynn Clements
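
Added example, not part of the original message: a small C program contrasting memory that is only released with memory that the application overwrites before release, as the reply recommends for passwords and keys. The arena, the function names and the sample key are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SLOT_SIZE 64

/* Constructed stand-in for a region of RAM that gets handed out and reclaimed. */
static unsigned char arena[SLOT_SIZE];

/* Release only marks memory reusable, as drop_caches does: nothing is erased. */
static void slot_release(unsigned char *p) { (void)p; }

/* Wipe through a volatile pointer so the compiler cannot discard the stores
 * as dead writes. explicit_bzero() (glibc 2.25+, BSDs) serves the same purpose. */
static void secure_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = buf;
    while (len--)
        *p++ = 0;
}

/* 1 if the key bytes are still present in the arena, i.e. what an image of
 * that memory would still show. */
static int arena_contains(const char *key, size_t n)
{
    for (size_t i = 0; i + n <= SLOT_SIZE; i++)
        if (memcmp(arena + i, key, n) == 0)
            return 1;
    return 0;
}

/* Copy a key into the arena, then release it; with wipe != 0 the key is
 * overwritten first. Returns 1 if the key is still recoverable afterwards,
 * 0 if not, -1 if the key is empty or does not fit. */
int key_survives_release(const char *key, int wipe)
{
    size_t n = strlen(key);
    if (n == 0 || n > SLOT_SIZE)
        return -1;
    memcpy(arena, key, n);
    if (wipe)
        secure_wipe(arena, n);
    slot_release(arena);
    return arena_contains(key, n);
}

int main(void)
{
    const char *key = "constructed-sample-key";   /* constructed value */
    printf("release only:      key recoverable = %d\n", key_survives_release(key, 0));
    printf("wipe then release: key recoverable = %d\n", key_survives_release(key, 1));
    return 0;
}
```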