Fedora - Cold Boot Attack

Stephen John Smoogen smooge at gmail.com
Sun Nov 7 18:57:47 UTC 2010 

On Sat, Nov 6, 2010 at 17:36, Vaclav Mocek <little.owl at email.cz> wrote:
> Hi all,
>
> I have read some articles about the Cold Boot Attacks and I am
> wondering  whether my Fedora box is protected against such kinds of
> attack, at least to some extent.

Ok there are several different "cold boot attacks". The one  I think
you are talking about is the removing memory from the system and
reading its contents with a special board. The kernel does not
generally provide a defense against that would be encrypting all data
in memory. Not sure how feasible it would be... you would also need to
make sure the video ram and other somehow supported it.

In the end, if someone has physical access to your system, you are not
going to be able to completely defend against a cold boot attack.
Encrypting the drive and keeping it reasonably secure is about all you
can do without having hardware that helps. [Due to the fact that Intel
hardware is really still trying to boot an 8088? when it starts up and
then become a better computer leaves all kinds of ways for some sort
of cold boot attack.] In the end, one would need to a) design the
hardware to be more resistant, b) use a cpu/hardware boot sequence
that isn't so crufty, and c) still do a good job of keeping the
hardware away from the maid.


> I work like an Embedded SW/HW Developer and my experience is that data
> could remain in the dynamic memory for quite long time, even in the room
> temperature. I have used it successfully for debugging, when a booting
> routine after the cold reset copies some parts of memory to another
> location which could be read lately.
>
> It would be usefull to overwrite some parts of memory (keys etc.),
> before the computer is switched off. So, my question is: Is there
> already implemented and used some kind of protection?
>
> Vaclav M.
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
>



-- 
Stephen J Smoogen.
"The core skill of innovators is error recovery, not failure avoidance."
Randy Nelson, President of Pixar University.
"Let us be kind, one to another, for most of us are fighting a hard
battle." -- Ian MacLaren

More information about the devel mailing list