G+_Bryan Lucas Posted December 21, 2012 Share Posted December 21, 2012 Future topic on Security Now. http://arstechnica.com/security/2012/12/cheap-app-cracks-pgp/ Link to comment Share on other sites More sharing options...
G+_Markus Sommer Posted December 26, 2012 Share Posted December 26, 2012 Well that has been a problem for a long time. Hibernation might not be the problem though, since, as stated in the article, most modern software should erase the keys from memory when going into hibernation. What is more dangerous is leaving your running while unattended, since then the keys ARE stored in memory and even if the OS prevents DMA (direct memory access) attacks via FireWire & co, the system is still vunlnerable to something like cold boot attacks. In a cold boot attack, the attacker switches off power to the machine (or presses the reset button) and then boots into a special OS, that dumps the memory onto a USB key or something similar (it is also possible to physically remove the memory block and put them into another machine for extraction) and then no OS safeguards will work. However there are a few ways to protect yourself from such attacks. If you are using a Linux based system you might want to install TRESOR ("TRESOR Runs Encryption Securely Outside RAM"), a kernel patch that moves the encryption keys from the memory into your CPU's debugging registers, where they are pretty safe from any attacks. If you don't run Linux, you can still set it up using a hypervisor, but that is kinda complicated. Link to comment Share on other sites More sharing options...
Recommended Posts