Re: RIP: Full disk encryption?

[der Mouse <mouse () rodents montreal qc ca>]

> > The move, which cannot be carried out remotely, exploits a
> > little-known vulnerability of the dynamic random access, or DRAM,
> > chip.  Those chips temporarily hold data, including the keys to
> > modern data-scrambling algorithms.  When the computer’s electrical
> > power is shut off, the data, including the keys, is supposed to
> > disappear.
> I heard that before, but thought it is a hoax considering the fact
> DRAM cells are being refreshed quite often (every 64ms?).  Anyone
> tried that?

I haven't tried the vulnerability described per se, but I can attest to
the reality of some kind of memory effect; I've seen the kernel message
buffer mostly survive a power-cycle after having been constant (as far
as the RAM is concerned) for hours.  Whether this is the effect
described in the paper at hand or the "long-stored data skews the cell"
effect I am not in a position to say.

I find it plausible that frequent refresh is necessary to get the error
rate down to within specs for the chip, but that less frequent refresh
(seconds- or minutes-long) still preserves most of the data.  (Consider
that a bit error rate of, say, 2% is insanely high for normal use but
quite low enough to be useful to an attacker.)

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse () rodents montreal qc ca
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.