Archive for the ‘Technology’ Category

We Have Ways to Make Your Computer Talk – Memory Latency Exploit

Lest We Remember: Cold Boot Attacks on Encryption Keys

Very public discussion on the memory latency aspects of common computer RAM being exploited by regular folk (not spooks) to access the most private parts of a laptop.

The techniques work the treat on DRAM, with only Error Correcting memory really significantly more secure.

The SRAM commonly used in video cards is much more secure – uncertain if much risk remains with current designs.

Note that the attack does not break the disk encryption, rather it uses the correct software key which is imaged in memory for much longer than we would expect.

The video in the Princeton article is quite good at explaining what is going on.

The reasons for encrypting your drives are several – privacy, HIPA, limiting due-diligence & negligence exposure, protecting what-if modeling, competitive information protection and again just plain old privacy.
Lest We Remember: Cold Boot Attacks on Encryption Keys

Related Princeton Blog

WIRED discussion