[PLUG] Cold Boot attacks on RAM

Fedor Pikus fpikus at gmail.com
Fri Feb 22 06:19:16 UTC 2008 

On Thu, Feb 21, 2008 at 10:05 PM, Kristian Erik Hermansen
<kristian.hermansen at gmail.com> wrote:
> On Thu, Feb 21, 2008 at 9:52 PM, Fedor Pikus <fpikus at gmail.com> wrote:
>  >  I have rather serious doubts. Short retention time is a major
>  >  performance bottleneck for RAM, if retention time could be even
>  >  doubled without creating errors all chipsets would use it (and on some
>  >  motherboards you can adjust the read delays, if you make it even 20%
>  >  longer than the memory supports you can get hundreds of errors per
>  >  second). And we're still talking about nanoseconds, not seconds.
>
>  It is not fake.  Jacob Appelbaum, one of the researchers, is the most
>  active member of our hacking group.  Also on the project were the EFF
>  and Princeton...
>  https://www.noisebridge.net/index.php/People

I don't think it's fake. But I also am not convinced it's correct
either. How comes I can't extend retention time by 10 nanoseconds
without getting bit errors and they can still recover the data after
removing the memory module from the socket? Why don't memory
manufacturers rush to cycle DRAM once per second (gotta take at least
this long to pull and re-seat the DIMM, right?). I want at least a
plausible explanation. I have no issues with the warm boot experiment,
the memory was never powered down, the hardware keeps the values until
OS rewrites them (BTW, some libc versions can be configured to zero
out all free()-ed memory). But powering down or even unplugging the
DRAM module... Let's just say that I think an alternative explanation
is more likely (and I don't mean it's fake, fake would imply
intentional falsification).

>  --
>  Kristian Erik Hermansen
>  --
>  "It has been just so in all my inventions. The first step is an
>  intuition--and comes with a burst, then difficulties arise. This thing
>  gives out and then that--'Bugs'--as such little faults and
>  difficulties are called--show themselves and months of anxious
>  watching, study and labor are requisite before commercial success--or
>  failure--is certainly reached" -- Thomas Edison in a letter to
>  Theodore Puskas on November 18, 1878
>  _______________________________________________
>  PLUG mailing list
>  PLUG at lists.pdxlinux.org
>  http://lists.pdxlinux.org/mailman/listinfo/plug
>



-- 
Fedor G Pikus (fpikus at gmail.com)
http://www.pikus.net
http://wild-light.com

More information about the PLUG mailing list