[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] Tor-ramdisk 20150616 released



On Mon, Jun 22, 2015 at 04:05:57PM -0400, Anthony G. Basile wrote:
> Are you referring to cold boot attack?

Not really, depending on memory controller and memorytype most
of the data, especially ram based static stuff is easy to extract.

If you put stuff into ram, I may find it in 6 of 10 cases. 
That is 2 reboots. On arm (sunxi) the same.

Another option is to suspend the device and make it dump the memory
to disk/swap (try it, you'd be suprised what you find).

If the target has some kind of sharedmemory, you are able to extract
complete framebuffer images (console or desktop).

I am not talking about keys that are somehow in use, I am talking data
like keys that reside in a rambased fs like tmpfs, or ramdisks with a 
filesystem (like the kernelbased ramdisks w/fixed size which were popular 
way before tmpfs).

If you put stuff into ram, most people don't realize it may also end in
swap (depending on usage patterns, load an the like).

> >If its run inside a vm, it's worse. :)
> Yes, all well known issues.

You mentioned coldboot, the tresor-patches only work with aes.
They are awesome if you use luks and isolate mbr, boot partition and the 
luks header from the disk to an usb stick or a memory card.

A host (x86, arm) is a brick with random data without the removable
device, when powered down. Don't forget the nail polish on the screws if
it has a case.

Me considers that a viable option if you distrust smartcards like yubi
and so on. You can't even boot it without the isolated parts.

Inputting a password isn't possible, and you'd be stupid to travel with 
both devices. :)

Tor in a vm is nice for isolation and leak prevention but considered
harmful if you can't trust the host/Dom0. I am at point were I would
only run a client maybe a middle relay inside a vm.

Aren't you worried about GPL violation? Since the school were you
distribute the images has no sources. Some of your components are
LGPL/GPL. First thought was, ah thats the school were all the embedded
engineers learn to properly violate the L/GPL and distribute binary only. :)

Anyway, thanks for all the links and for building the ram-disk, given the
low memoryfootprint I should be able to run it on my old soekris, which 
collects dust since I have 1GHz dual core arms with 1GB Ram ethernet and
wireless and SATA and and and ... :)
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk