Post by thread:[EE] And you tought you were safe...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Feb 29, 2008 at 11:05:31AM -0300, Enki wrote: > > http://www.youtube.com/watch?v=JDaicPIgn9U It gets worse. With a special firewire or USB-2 device you can simply dump the entierty of the computers memory at will using the DMA interface. More recent AMD chips have a mechanism to protect from that attact, essentially extending process memory protection to external devices, but most don't. Assuming that brand new protection works might be wrong too. A SDRAM chip with built-in zeroization would be very nice. - -- http://petertodd.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHyCv03bMhDbI9xWQRAn9XAKCefr5tbeNKkgZCpqcIU3T0jZV1VgCgj+TL q8hjRcgu/U8rTd1leTghN3w= =PY5A -----END PGP SIGNATURE-----

Peter Todd wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, Feb 29, 2008 at 11:05:31AM -0300, Enki wrote: > >> http://www.youtube.com/watch?v=JDaicPIgn9U >> > > It gets worse. With a special firewire or USB-2 device you can simply > dump the entierty of the computers memory at will using the DMA > interface. More recent AMD chips have a mechanism to protect from that > attact, essentially extending process memory protection to external > devices, but most don't. Assuming that brand new protection works might > be wrong too. > > A SDRAM chip with built-in zeroization would be very nice. > > It would have to work whenever power is cut, but how would it do that? - Martin

On Feb 29, 2008, at 10:33 AM, Martin wrote: >> A SDRAM chip with built-in zeroization would be very nice. >> > It would have to work whenever power is cut, but how would it do that? Much easier to scramble at power-ON... BillW

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Feb 29, 2008 at 01:33:03PM -0500, Martin wrote: {Quote hidden}> > It gets worse. With a special firewire or USB-2 device you can simply > > dump the entierty of the computers memory at will using the DMA > > interface. More recent AMD chips have a mechanism to protect from that > > attact, essentially extending process memory protection to external > > devices, but most don't. Assuming that brand new protection works might > > be wrong too. > > > > A SDRAM chip with built-in zeroization would be very nice. > > > > > > It would have to work whenever power is cut, but how would it do that? Usual way is to include a backup capacitor that provides a second or so of power for the zeroization hardware. Pretty standard stuff for high-security co-processors like IBM's 4xxx something one. - -- http://petertodd.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHyfsO3bMhDbI9xWQRAolZAJwPypKsg/HgCH5Tk/XeG0/SOdQL9gCgrs2E IxcG42hGDdY08aeTUKKjtok= =PLnc -----END PGP SIGNATURE-----