Stealing Disk Encryption Keys From RAM
Fascinating.
You can read more here.
Contact
- Subscribe to RSS Feed
- Want our Newsletter?
- AIM: GeminiPresident
- +1 703-378-5808
Recent Posts
- Sending Encrypted E-mail with Outlook 2007
- Emergency Windows Patch Released
- OS X Keychain
- Disabling Firefox's 'Secure Connection Failed' Warning
- New attention given to old tricks
- Economic Uncertainty Affects Security Too
- PKI Part I: Public-Key Cryptography
- Critical Flash Player Update
- Client SSL Authentication for Microsoft IIS 6.0 Part 1: Obtaining and installing a server certificate
- Clickjacking and how you can prevent it
Archives
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
Categories
- article (1)
- cool (23)
- data protection (31)
- data theft (15)
- general (53)
- hacking (14)
- hardware (15)
- passwords (7)
- privacy (36)
- rants (66)
- regulations (5)
- software (52)
- standards (8)
- Technology & Tool Thursday (7)
- Tutorial Tuesday (8)
- Uncategorized (31)
- users (24)
- vendors (11)
© Gemini Security Solutions, Inc. 2008. All Rights Reserved. Privacy Policy
February 21st, 2008 at 6:55 pm
I heard Nicko Van Someren talk about finding keys in memory at RSA Europe in 2000, but when he spoke the ability steal RAM from a sleeping computer was unknown. Fascinating demonstration of the exploit. This is why cryptomodules must provide the ability to zeroize keys, regardless of where they are stored.
From what I’ve heard, RAM need not be overwritten more than once like magnetic media must, but perhaps that is a commonly held mistaken impression also.
February 21st, 2008 at 8:37 pm
Nice, I think I’m going to go home and experiment a little…
http://citp.princeton.edu/memory/exp/