[Discuss] Cold Boot Attacks on Encryption Keys
Richard Pieri
richard.pieri at gmail.com
Fri Nov 8 22:36:25 EST 2013
Tom Metro wrote:
> The scenario is that you have strongly encrypted data on disk,
> decryption keys in memory, an OS configured so that it doesn't do
> something stupid, like write the keys to unencrypted swap space, and an
> OS hardened enough that physical access to the machine seems like the
> easier attack vector.
The problem with this scenario is that it makes no sense. If your threat
is physical attack then why aren't you hardening your physical intrusion
prevention? Because there's a simple (not necessarily easy, just simple)
way for me to circumvent all of your clever switches and self-destructs
and WDE if you don't beef up your physical security procedures.

I go after your backups.
--
Rich P.