We Have Ways to Make Your Computer Talk – Memory Latency Exploit

Lest We Remember: Cold Boot Attacks on Encryption Keys
—————-

Very public discussion on the memory latency aspects of common computer RAM being exploited by regular folk (not spooks) to access the most private parts of a laptop.

The techniques work the treat on DRAM, with only Error Correcting memory really significantly more secure.

The SRAM commonly used in video cards is much more secure – uncertain if much risk remains with current designs.

Note that the attack does not break the disk encryption, rather it uses the correct software key which is imaged in memory for much longer than we would expect.

The video in the Princeton article is quite good at explaining what is going on.

The reasons for encrypting your drives are several – privacy, HIPA, limiting due-diligence & negligence exposure, protecting what-if modeling, competitive information protection and again just plain old privacy.
———————
Lest We Remember: Cold Boot Attacks on Encryption Keys

http://citp.princeton.edu/memory/

Related Princeton Blog

http://www.freedom-to-tinker.com/?p=1257
————————

WIRED discussion

http://blog.wired.com/27bstroke6/2008/02/researchers-dis.html

Advertisements

3 comments so far

  1. […] Greener Assets wrote an interesting post today onHere’s a quick excerpt Lest We Remember: Cold Boot Attacks on Encryption Keys —————- Very public discussion on the memory latency aspects of common computer RAM being exploited by regular folk (not spooks) to access the most private parts of a laptop. The techniques work the treat on DRAM, with only Error Correcting memory really significantly more secure. The SRAM commonly used in video cards is much more secure – uncertain if much risk remains with current designs. Note that the attack does not break the disk […]

  2. […] Greener Assets wrote an interesting post today onHere’s a quick excerpt […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: