Ted Unangst wrote:
> 1. not everyone is going to bring their James Bond RAM Reader (tm) into
> your building to extract data. a hardcore data thief, maybe, but it's not
> common equipment. everyone will have access to an IDE or SCSI disk
> reader.
>
Everybody has access to a RAM reader. It is called a "pc". Bring
one that has battery power and spare slots to plug the stolen
modules into. You don't need Q to do this.
> 2. RAM has a short window of oppurtunity. whatever it turns out to be,
> RAM degrades faster than disk. it's not going to last while you drive it
> home, unless you have a RAM refresher plugged in the cigarette lighter.
Again, a pc with a 12v adapter is the poor man's in-car ram refresher.
:-)
> 3. encrypted swap is meant for a different threat model. you assume that
> the attacker might have access to the box at night or over a weekend,
> while you're away. RAM will be off. if you think someone might be trying
> to steal your RAM, you need better physical security.
Exactly.
Helge Hafting
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 23 2001 - 21:00:34 EST