There has been some more recent work on this lately:<p>https://www.dfrws.org/2016eu/proceedings/DFRWS-EU-2016-7.pdf<p>Essentially, with newer RAM (DDR3), the location things end up on the physical chip is scrambled to improve reliability:<p>> Storage of bit streams which are strongly biased towards
zero or one can lead to a multitude of practical problems:
Modification of data within such a biased bit stream can
lead to comparatively high peak currents when bits are
toggled. These current spikes cause problems in electronic
systems such as stronger electromagnetic emission and
decreased reliability. In contrast, when streams without
DC-bias are used, the current when working with those
storage semiconductors is, on average, half of the expected
maximum.<p>So once you image the RAM you have to figure out the scrambling and undo it.<p>Related: https://github.com/IAIK/DRAMA
The problem here was already known before the publication of the paper even though the paper was still a clever attack. Most of security research, including high-assurance software, was largely ignoring attacks on hardware. There was a subfield growing that didn't trust the RAM, disk, peripherals, etc. These designs drew a boundary at the ASIC or SOC level where anything tampering outside was protected with crypto, PUFs, etc. The first I saw was Aegis:<p>https://people.csail.mit.edu/devadas/pubs/aegis-istr-august6-2005.pdf<p>Joshua Edmison's dissertation lists a number of others along with his own, interesting scheme:<p>https://theses.lib.vt.edu/theses/available/etd-10112006-204811/unrestricted/edmison_joshua_dissertation.pdf<p>Nobody has learned anything different since for the fundamentals. The fundamentals are still to use authenticated crypto of some sort on RAM to detect attacks there to fail safe at worst. Also, use special IO/MMUs, SOC mechanisms, and software protected by them to handle stuff on disks. Stopping a cold boot attack is straightforward on such architectures that don't trust RAM in the first place.<p>From there, we move into the cat and mouse game of SOC attack and defense. Most of those require physical possession for more than a few minutes, though, with often destruction of the chip as a result. So, this is a significant step forward in security vs just snatching the RAM out of the system.
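A model of the idea in the comment above (authenticated encryption on RAM, failing safe when a check fails), added here as an example that is not part of the original thread and is not Aegis's design. HMAC-SHA256 stands in for the hardware cipher and MAC, and `ProtectedRAM`, `run`, the block size and the sample secret are all constructed for illustration.

```python
import hashlib, hmac, os
BLOCK = 32  # bytes per protected block (constructed size)
SECRET = b"disk-encryption-key-constructed!"  # constructed 32-byte sample

class TamperDetected(Exception): pass

class ProtectedRAM:  # keys and write counters stay on-chip; self.dram is untrusted
    def __init__(self, nblocks):
        self._enc, self._mac = os.urandom(32), os.urandom(32)
        self._ver = [0] * nblocks   # on-chip counters defeat replay
        self.dram = {}              # off-chip: addr -> (ciphertext, tag)

    def _prf(self, key, addr, extra=b""):
        msg = addr.to_bytes(8, "big") + self._ver[addr].to_bytes(8, "big") + extra
        return hmac.new(key, msg, hashlib.sha256).digest()

    def write(self, addr, data):
        assert len(data) == BLOCK, "whole blocks only"
        self._ver[addr] += 1        # fresh pad and tag for every write
        ct = bytes(a ^ b for a, b in zip(data, self._prf(self._enc, addr)))
        self.dram[addr] = (ct, self._prf(self._mac, addr, ct))

    def read(self, addr):
        ct, tag = self.dram[addr]
        if not hmac.compare_digest(tag, self._prf(self._mac, addr, ct)):
            self._enc = self._mac = bytes(32)   # fail safe: destroy the keys
            raise TamperDetected(f"block {addr} failed verification")
        return bytes(a ^ b for a, b in zip(ct, self._prf(self._enc, addr)))

def spoof(ram):    # flip one ciphertext bit
    ct, tag = ram.dram[0]
    ram.dram[0] = (bytes([ct[0] ^ 1]) + ct[1:], tag)
def splice(ram):   # move a valid block to a different address
    ram.dram[0] = ram.dram[1]
def replay(ram):   # put back a stale but once-valid block
    old = ram.dram[0]
    ram.write(0, bytes(BLOCK))
    ram.dram[0] = old

def run(mutate=None):  # -> (dump_leaks_secret, tamper_detected)
    ram = ProtectedRAM(2)
    ram.write(0, SECRET); ram.write(1, b"\x01" * BLOCK)
    leaks = SECRET in b"".join(ct + tag for ct, tag in ram.dram.values())
    if mutate: mutate(ram)
    try:
        ram.read(0)
        return leaks, False
    except TamperDetected:
        return leaks, True
```

A dump of `dram` never contains the plaintext, and the tag binds each block to its address and write counter, so a modified, relocated or stale block fails verification and the keys are wiped.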
https://en.wikipedia.org/wiki/TRESOR<p>OS X has a setting called "destroy FileVault key on standby" in `pmset` which mitigates cold boot attacks.<p>I kinda want the CPU/MMU to support loading encryption keys to transparently encrypt some or all of RAM (could also toss in error checking while we're at it). SGX has this in the trusted containers, but I think it makes sense for general use too.
I heard that when power is interrupted ACPI still has time to inform the system, and not only that, the CPU will continue to execute many, many instructions before it's finally deprived of power. The computer seems to turn off instantly to us, but at the time scale the CPU operates at it's actually quite a while. I heard this was enough time for an operating system to detect power failure and zero out megabytes of memory.<p>Anyone know if this is true or not?
There's only one solution to prevent this, if you're operating a server that might be of federal interest (which might even be running an open proxy or TOR relay):<p>1) Rent an entire rack with a 19" rackmount UPS, as well as locks connected to the server to signal if the rack has been opened, and motion sensors, as well as a compass<p>2) If either the power from outside goes down, or the lock/cage alarm triggers, or the motion sensor/compass detects motion, wipe the RAM section that contains the HDD encryption keys and power down the machine.<p>Why a compass? Because in case the cops try to move the entire rack carefully (to not trigger a motion sensor with false-alarm filtering), and they rotate the rack, the compass will detect it.
I have the feeling this could be trivially solved by adding reset lines to the RAM design, and triggering them on shutdown (perhaps powered by some capacitor).
This has been a known attack vector for quite some time (hence 2008...). One of the best training courses I ever did was a forensics course and this was one of the first techniques taught for a "black bag", along with Faraday cage bags for all the things.<p>I have never gotten to use it irl though.
Use Arctic Alumina[0] to fill all USB and Firewire connectors, and embed RAM.<p>[0] http://www.arcticsilver.com/arctic_alumina_thermal_adhesive.htm
Kickstarter idea: Memory modules with an inbuilt temp sensor. Below 0°C, they just stop. Put that tiny circuit into the silicon and the problem goes away.