public inbox for gentoo-user@lists.gentoo.org
From: Hans-Werner Hilse <hilse@web.de>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Can RAM render useless the encryption of the / and swap partitions?
Date: Fri, 5 Oct 2007 13:38:39 +0200
Message-ID: <20071005133839.a83efe0e.hilse@web.de>
In-Reply-To: <68b1e2610710041133q2908483cu7877a6b197460922@mail.gmail.com>

Hi,

On Thu, 4 Oct 2007 20:33:40 +0200 "Liviu Andronic"
<landronimirc@gmail.com> wrote:

> On 10/4/07, Alan McKinnon <alan@linuxholdings.co.za> wrote:
> > On Thursday 04 October 2007, Hans-Werner Hilse wrote:
> > > However, it makes sense to clean up memory after having
> > > critical data in it -- e.g. a reboot doesn't necessarily clean up
> > > RAM.
> >
> > Yes, this is very true
> 
> BUT
> 
> On 10/4/07, Alan McKinnon <alan@linuxholdings.co.za> wrote:
> > Pray tell, how does RAM manage to retain data when the power is off?
> 
> ...and...
> On 10/4/07, Volker Armin Hemmann
> <volker.armin.hemmann@tu-clausthal.de> wrote:
> > In practice, after power is cut, everything in ram is lost.
> 
> So, my eternal question, is it realistic for the "lost" RAM data to be
> recovered? That is, after system shutdown, does the data still
> physically reside on the RAM and can someone with a decent technology
> and know-how recover it? In other words, is this a serious breach in
> any encrypted system?

No, it isn't. Well, I didn't have the full circuit design of today's
DRAMs in mind, and yes, since there's the resistor, the capacitor will
lose its load (very) soon (/me scratches his head, wasn't there
something asymptotic in that graph? But in any case, it would be a
difference of very few electrons on the sides of the capacitor) --
that's not a security breach.

But: We are talking about _powering_ _off_ the DRAM. You are talking
about shutting down. Those might be two different things and completely
depend on hardware design. Make sure that RAM's gonna get powered off
and you're safe. So pulling the plug should give you a warm good
feeling in that regard. Doing a "sudo halt", however, _might_ have
other consequences and we cannot make a general assumption on that.
Even pulling the plug might have problems: There's such a thing as
battery-buffered RAM (although I think they've used it mainly in the
pre-Flash era).

The thing is: You can never guarantee security, that's absolutely
impossible (well, of course you can, but you would automatically be
wrong). You can do your best, but that's about it. Having security
is a thing you can falsify, but never verify, since theories can't be
verified without dogmas (and there are no accepted dogmas that would
help here).

-hwh
-- 
gentoo-user@gentoo.org mailing list