[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: cold boot attacks on cgd?
On Tue, 26 Feb 2008 02:02:59 +0000
"Steven M. Bellovin" <smb%cs.columbia.edu@localhost> wrote:
> There is apparently some BIOS magic that can be done to force certain
> sections of RAM to be zeroed by the BIOS at boot time. I don't know
> anything more about how to set that flag. Even if it is set, there's
> no defense against someone chilling the RAM, removing it from your
> machine, and putting it into their own.
It's called the MOR bit in the TPM. See
It means "there are keys present; zero RAM when booting". This does
nothing against the guy with the Dewar flask of liquid nitrogen, of
course. Also, not all BIOSes honor this bit -- which means they're
non-conforming, but what else is new?
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Main Index |
Thread Index |