MRAM, persistence of memory
The persistence of memory could be a problem if your melting clocks are swarmed by spooky ants.

Wired has an article on magnetic RAM http://wired.com/news/technology/0,1282,59559,00.html that fails to mention security implications. Obviously nonvolatile RAM presents a different security risk than RAM that forgets when powered off. Will future OSes have provisions to keep certain data out of MRAM banks, if MRAM doesn't completely displace DRAM? I doubt it. And shutting off your virtual memory swapping --useful today because of the gobs of DRAM machines have-- will no longer be useful for security.

Not so obviously to the layman is how many times MRAM must be overwritten to keep the TLAs away. (Exactly analogous to scrubbing a disk.) While this is trivial to do for user-space, if the OS keeps copies of sensitive info this might require more than a huge malloc() & overwrites before shutdown.
On Wed, Jul 09, 2003 at 10:23:55AM -0700, Major Variola (ret.) wrote:
Wired has an article on magnetic RAM http://wired.com/news/technology/0,1282,59559,00.html that fails to mention security implications. Obviously nonvolatile RAM presents a different security risk than RAM that forgets when powered off. Will future OSes have provisions to keep certain data out of MRAM banks, if MRAM doesn't completely displace DRAM? I doubt it.
I doubt it as well. DRAM also has power-off memory persistence and nearly everyone in security ignores that as well.

But not the spooks:

"The FEI-374i-DRS is a data recovery system that captures and preserved digital data, in its original format, directly from the Dynamic Random Access Memory (DRAM) of Digital Telephone Answering Machines (DTAMs) ... The FEI-374i-DRS is an indispensable tool for forensic investigators required to evaluate residual audio and tag information retained in today's DRAM-based DTAMs."

http://www.nomadics.com/374idrs.htm

Eric
On Wed, 9 Jul 2003, Eric Murray wrote:
I doubt it as well. DRAM also has power-off memory persistence and nearly everyone in security ignores that as well.
But not the spooks :
"The FEI-374i-DRS is a data recovery system that captures and preserved digital data, in its original format, directly from the Dynamic Random Access Memory (DRAM) of Digital Telephone Answering Machines (DTAMs) .. The FEI-374i-DRS is an indispensable tool for forensic investigators required to evaluate residual audio and tag information retained in today's DRAM-based DTAMs."
The system doesn't seem to be able to recover data from powered-off DRAM. The specs say it can recover files that were erased. The DRAM-based DTAMs use the DRAM as a RAM disk. For some reason unknown to us (may be conspiracy with TLA, but Occam's razor says it's mere negligence/laziness) the designers don't overwrite the memory region that pertains to an erased file, only deallocate it, leaving the data there. I suppose the DRAM refresh circuits are backed up with a small battery to cover brief blackouts.

It is impossible to get access to the voltage on the DRAM cell capacitors (at least if the chip is in its case and we can access only its pins). We can only see if it is in the range for H or L. And after a power-down (or even a sufficiently long period without a refresh of the given cell) the cell capacitor loses voltage steadily, reaching the level of L (or maybe H?) within at most a couple of seconds. Seems the device is nothing more than a logic analyzer connected to the DRAM pins.

This is a nice illustration of the problem with commercial vendors and closed-architecture devices they peddle. If we had access to the firmware of the DTAMs, writing extensions for storing data in (at least somehow) encrypted format and overwriting it after deletion wouldn't be a big problem. Hope the price of embeddable computer "cores" will continue to fall. (Apropos, what's the current cost of the cheapest cores able to run stripped-down Linux? Maybe something based on ARM or MIPS architecture?)
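Major Variola's point about scrubbing sensitive memory before shutdown and Thomas Shaddack's observation that the DTAM firmware deallocates erased files without overwriting them come down to the same defensive habit: pin secrets so the pager cannot copy them to swap, and overwrite them before the memory is released. The following is an added C example, not code from the thread; the helper names (secure_zero, is_zeroed, handle_secret) and the sample key are constructed here.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

/* Hypothetical helper, not from the thread. A plain memset() right
 * before free() is a dead store the compiler may delete; calling it
 * through a volatile function pointer forces the overwrite to happen.
 * (explicit_bzero()/memset_s() do the same where available.) */
static void *(*const volatile memset_v)(void *, int, size_t) = memset;

static void secure_zero(void *p, size_t n) { memset_v(p, 0, n); }

/* Returns 1 if every byte of p[0..n) is zero, 0 otherwise. */
static int is_zeroed(const unsigned char *p, size_t n) {
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++) acc |= p[i];
    return acc == 0;
}

/* Copy a secret into a heap buffer that is pinned so the pager cannot
 * write it to swap, "use" it, then scrub it before releasing it (the
 * overwrite-before-deallocate step the DTAM designers skipped).
 * Returns 1 if the scrub verifiably cleared the buffer. *locked tells
 * whether mlock() succeeded; it can fail under RLIMIT_MEMLOCK, in
 * which case the overwrite still happens but a swap copy is possible. */
static int handle_secret(const unsigned char *secret, size_t n, int *locked) {
    unsigned char *buf = malloc(n);
    if (buf == NULL) return 0;
    *locked = (mlock(buf, n) == 0);       /* keep it out of swap */
    memcpy(buf, secret, n);
    /* ... the key would be used here ... */
    secure_zero(buf, n);                  /* overwrite before free */
    int ok = is_zeroed(buf, n);
    if (*locked) munlock(buf, n);
    free(buf);
    return ok;
}

int main(void) {
    /* constructed sample key, not a real secret */
    static const unsigned char key[16] = {
        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
        0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
    int locked = 0;
    int ok = handle_secret(key, sizeof key, &locked);
    printf("scrubbed=%d locked_in_ram=%d\n", ok, locked);
    return ok ? 0 : 1;
}
```

This only covers the user-space copy; as the thread notes, copies the OS itself holds (page cache, kernel buffers) need encrypted swap or a kernel-side scrub, which this example does not address.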
On Thu, Jul 10, 2003 at 04:45:58PM +0200, Thomas Shaddack wrote:
On Wed, 9 Jul 2003, Eric Murray wrote:
I doubt it as well. DRAM also has power-off memory persistence and nearly everyone in security ignores that as well.
But not the spooks :
"The FEI-374i-DRS is a data recovery system that captures and preserved digital data, in its original format, directly from the Dynamic Random Access Memory (DRAM) of Digital Telephone Answering Machines (DTAMs) .. The FEI-374i-DRS is an indispensable tool for forensic investigators required to evaluate residual audio and tag information retained in today's DRAM-based DTAMs."
The system doesn't seem to be able to recover data from powered-off DRAM.
[..] It's still interesting.
It is impossible to get access to the voltage on the DRAM cell capacitors (at least if the chip is in its case and we can access only its pins). We can only see if it is in the range for H or L. And after a power-down (or even a sufficiently long period without a refresh of the given cell) the cell capacitor loses voltage steadily, reaching the level of L (or maybe H?) within at most a couple of seconds.
I would not bet on that for sensitive data. See Peter Gutmann's and Ross Anderson's papers on RAM memory remanence.

Eric
On Thursday, July 10, 2003, at 08:27 AM, Eric Murray wrote:
On Thu, Jul 10, 2003 at 04:45:58PM +0200, Thomas Shaddack wrote:
It is impossible to get access to the voltage on the DRAM cell capacitors (at least if the chip is in its case and we can access only its pins). We can only see if it is in the range for H or L. And after a power-down (or even a sufficiently long period without a refresh of the given cell) the cell capacitor loses voltage steadily, reaching the level of L (or maybe H?) within at most a couple of seconds.
I would not bet on that for sensitive data. See Peter Gutmann's and Ross Anderson's papers on RAM memory remanence.
We were reading remnant state information in DRAMs back in the mid-70s. When a DRAM is powered back up after some period without power there are "remnants" which are not really electrons (which thermalize into the substrate in a matter of microseconds) but which cause "preferential turn-on or turn-off" in the cells, due to shifts in threshold voltage. (This is why irradiation of the DRAMs with gammas can sometimes "freeze" the stored data pattern.)

Intel was the inventor of DRAM and we led the market (along with Mostek) for most of the 1970s. We had some really cool tools for seeing the internal states of DRAMs, before, during, and after things we did to the devices. Powering them off and watching the states they came back up in was child's play.

This effect, of seeing DRAMs "wake up" in preferred states, is a very subtle effect. And no doubt it varies amongst vendors and even between design and process steppings of the same vendor's part. I would not want to be the forensic data analyst trying to do this, but I expect sometimes they do.

The "recover data from voice answering machines" gadget is no doubt much lower tech. Most answering machines are battery-backed (duh), so a forensics expert can keep power maintained and even use the battery-backed store to keep the DRAMs nominally refreshed. But I thought most modern answering machines which don't use tapes are in fact using flash, not DRAMs. Am I wrong on this? Flash is of course an entirely different story.

--Tim May
At 10:23 AM -0700 7/9/03, Major Variola (ret.) wrote:
And shutting off your virtual memory swapping --useful today because of the gobs of DRAM machines have-- will no longer be useful for security.
Encrypted swap is a crypto sweet spot, because it has perhaps the easiest key management of any crypto system. It seems that the BSD systems have it while Linux still thinks it is difficult. See: http://www.openbsd.org/papers/swapencrypt.ps

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz, Periwinkle -- Consulting
(408)356-8506, 16345 Englewood Ave., Los Gatos, CA 95032, USA
frantz@pwpconsult.com
"A Jobless Recovery is like a Breadless Sandwich." -- Steve Schear
In message <v03110705bb32187f2793@[192.168.1.5]>, Bill Frantz <frantz@pwpconsult.com> wrote:
Encrypted swap is a crypto sweet spot, because it has perhaps the easiest key management of any crypto system. It seems that the BSD systems have it while Linux still thinks it is difficult.
It is not yet in the mainline Linux kernel, but implementations are available (e.g. the widely used "cryptoloop"). -- Shields.
On 2003-07-14, Michael Shields uttered to Bill Frantz:
Encrypted swap is a crypto sweet spot, because it has perhaps the easiest key management of any crypto system. It seems that the BSD systems have it while Linux still thinks it is difficult.
It is not yet in the mainline Linux kernel, but implementations are available (e.g. the widely used "cryptoloop").
At this stage I think a small question is in order. Is there any Big Red Button software out there to complement this level of paranoia? What I mean is, after you've got everything in your system under industrial strength crypto, you have exactly one weak spot, that being a whole lot of people charging through your door when your system is already running hot and accessible. At that point the only thing that can save you is a one-touch mechanism to effect a swift (i.e. at most two or three seconds), dirty, no-matter-what shutdown, with guaranteed loss of key material. Is there open source software out there to effect that sort of thing?

--
Sampo Syreeni, aka decoy - mailto:decoy@iki.fi, tel:+358-50-5756111
student/math+cs/helsinki university, http://www.iki.fi/~decoy/front
openpgp: 050985C2/025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2
You could get one of those power strips with a power button intended to be operated by foot. Provided you've encrypted everything on your system including all network traffic and swap, pushing the big red switch should do the trick. :) Not exactly an open source solution, but it may well be effective.

In all likelihood the flashbang armored ninjas with automatics, night vision, "get the fuck on the floor and shut the fuck up bitch" entry will happen while you're asleep, so you won't have time to hit the big red button anyway. So, the best way to avoid that situation and not being able to reach the big red switch, is simply not to attract their attention in the first place by not following the footsteps of Jim Bell. :)

A more likely, and far more important, scenario to worry about is the black bag job whereby a hardware keystroke recorder can get installed without your knowledge... There may be ways to prevent/detect this... Software (open or closed source) alone won't help very much.

----------------------Kaos-Keraunos-Kybernetos---------------------------
"25K liters anthrax, 38K liters botulinum toxin, 500 tons of sarin, mustard and VX gas, mobile bio-weapons labs, nukular weapons.." Reasons for war on Iraq - GWB 2003-01-28 speech. Found to date: 0. Cost of war: $800,000,000,000 USD. The look on Sadam's face - priceless!
--------_sunder_@_sunder_._net_------- http://www.sunder.net ------------

On Tue, 15 Jul 2003, Sampo Syreeni wrote:
At this stage I think a small question is in order. Is there any Big Red Button software out there to complement this level of paranoia?
participants (8): Bill Frantz, Eric Murray, Major Variola (ret.), Michael Shields, Sampo Syreeni, Sunder, Thomas Shaddack, Tim May