An interesting case here I think. If a little esoteric/philosophical. UK lawmakers have set an interesting (dangerous?) precedent. Messages stored in a device’s RAM, e.g. while being prepared for sending, are classed as being STRORED rather than being IN TRANSIT. This has implications about the type of warrant law enforcement need to seize the data.
On first glance it sound illogical, as the RAM is just there to support the sending of the message. But, on the other hand, if the device never gets turned off, and the app never clears out the RAM, in practical terms it is pretty permanent.
There’s a ‘slippery slope’ argument - where will it end? Do the values in a CPU register count as being stored? Or the buffers in network switch gear? But I think that’s less interesting.
I think the main take away is any dev making privacy focused apps should make sure they dump the ram.
I’m interested to hear the community thoughts/comment.
I can see why it’s dangerous but, if I’m not mistaken, they’re technically correct since the ISO/OSI stack is responsible for defining a basic standard for data transmission and it doesen’t take into account the physical machines at play when sending and receiving data.
Also the fact that RAM is volatile doesen’t make it less of a storage mean compared to non-volatile storage. RAM is the way that it is just because it’s faster and cheaper to make it that way while mostly not sacrificing anything.
With a freezing agent is even possible to retrieve data from RAM through a cold boot attack which isn’t something new and kinda difficult to pull off, but still makes able someome to retrieve data from RAM. Law enforcement might use these methods aswell.
That’s what i was thinking aswell. Or just have them encrypted while stored and only if the application is on the foreground they’re decrytpted to be looked at.
I don’t know what the legal implications are, but I’m looking at AMD epyc and its RAM encryption, and I’m trying to remember if I ever saw something in coreboot about L3 caches that weren’t ram backed as an example.
Whats the latency cost of encrypting a cache line worth of data (64 bytes) with e.g. aes-256-xts or similar?
I’m also remembering some code that would overwrite ram that had contained sensitive data (key material or passwords) just as soon as it was not required.
The combination of these two techniques could be a powerful way to minimize the chances of successfully recovering data while it’s not being shown on the screen (ie. while it’s not needed).