[Leaplist] Fwd: Cold Boot Attacks on Disk Encryption
Chris
Chris at NeptunePCTech.com
Wed Feb 27 00:41:38 EST 2008
Bryan J. Smith wrote:
>Chris wrote:
>
>
>>Today's DRAM? Nah. About two centuries ago, we used to debug
>>machine language routines using the area of memory reserved
>>on the Commodore CBM machines for the cassette tape buffer.
>>The main DRAM area was actually cleared on power-on by a
>>startup routine - but it didn't touch the area reserved for the
>>
>>
>tape
>
>
>>buffer. So if we did something stupid, and got into a hard loop,
>>we could just power-cycle the box, and our code would still be
>>where we left it. If this property was "unexpected" - well, they
>>must be pretty new to the business.
>>
>>
>
>You're most likely confusing DRAM (Dynamic RAM) and SRAM (Static
>RAM).
>
>Most DRAM is so leaky it won't survive a power reset as it will
>inhibit its regular, required refresh, unless you install some
>serious capacitors or battery.
>
>Most SRAM can survive any power reset with a little capacitance in a
>device, and most core firmware/software has a small battery which
>affords years of off-line persistence.
>
>I.e., SRAM, not newer EEPROM (flash) is still used in mainboards for
>things like the RTC and other, small areas of firmware storage that
>is constantly updated/written to. It's been like that for 25+ years.
>
>Higher end hardware also uses SRAM for both speed and persistence.
>Just a few caps can store enough power to go days powered off. E.g.,
>3Ware used this in their older Escalade series of cards (no BBU required).
>
>
>
I'm fairly sure the old CBMs used 4116 DRAMS - but it's
possible that I have some leaky DRAM between my ears.
I do seem to remember a couple of pretty hunky caps in
the power supply section of the beast, though. I do know
you couldn't turn them off overnight and expect anything
to be left - more than a second or two and the RAM was
lost.
Cheers,
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.leap-cf.org/pipermail/leaplist/attachments/20080227/1348dd00/attachment.html
More information about the Leaplist
mailing list