I've been very busy with school and have not had time to post on the forms lately.
From looking at ways to hack a pc. I have found that in order to get an encryption key, the fastest way with physical access, is to flash them to a USB drive from an immediate reset. or you can LN2 the ram. in order to protect from the former method, because the encryption keys are stored on the ram, can i use ECC ram to clear all the bits back to 0 in an event of an power outage. Also will ECC ram work with cpus that don't support ECC ram or will the ram default to non-ecc characteristics. I under stantand that i wont get the benefit of flipping a 1 back to a 0 in the event of a solar flare, but that part is okay. Will the ecc ram with a non ecc CPU still wipe its self when the power stops?
Im looking at getting an A5750m laptop or if need be i will find an I7 +640m(or better/newer) I also will be installing Ubuntu so having a gpu on the cpu only would be simpler. I dont want to mess around with bumblebee if i dont need to.
Protections against cold boot attacks are an interesting topic. I only found one source which talks about ECC ram in regards to this attack:
http://www1.cs.fau.de/filepool/projects/coldboot/fares_coldboot.pdf
Whether this memory reset is done as part
of fullfilling the TCG Platform Reset Attack Mitigation
Specification [
17
] or, as suspected by Halderman et al., as
a quirk of ECC-capable systems to always bring the RAM
to a known state whether or not ECC RAM is actually
installed or not, remains an open question
So, it seems like ECC ram protects you from cold boot attacks but I wouldn't bet all my money on it. I also don't know anything about compatiblity.
It also looks like DDR3 ram lowered the risk of a cold boot attack.
But to be honest, I think that for a good protection you need special hardware and adjusted software. I could think of some special RAM on which you could store the keys which has it's own little power suply and can rewrite it's memory when it doesn't have a connection.
(Bump) and thats a good point. because im trying to protect from a cold boot attack via usb-flash-drive dump and i use encryption i should be safe from one cold boot attack just with ddr3 but my concern is that because my system will have a fast ssd the computer will reboot in say 10 secs allowing a couple of offloads to happen with a "warm reset attack"-(which could still get my encryption keys hacked. right?) if im away for a minute or two. Whats the best way to protect from cold/warm boot attacks?
also in the Doc. they were looking At 256kb data points and i think encryption keys are much smaller.
you have to have a specific processor and motherboard to support ECC
Im looking at an A10-5750m(apu) or an i7(mobile 4core/8) cpu. If someone could point me to a Xeon laptop for under 1k that would be fantastic. ps i love your picture!
warm reset attack are not possible anymore because motherboard vendors agreed on a standard to prevent this (the BIOS overwrites parts of the RAM if there was no clean shutdown process). If you shutdown your computer the keys will be overwritten by the programs themselfs.