Jacob Appelbaum, my close friend and former roommate, along with a team of crack security specialists has published an amazing piece of research (see also the NYT article). It shows that a physical vulnerability in computer memory chips means that RAM content can be captured at any time.
Operating systems and programs have a lot of important stuff floating around in memory. Things like encryption keys to private data and protected files. Even intermediate encryption state that’s kept in memory can drastically simplify brute-force decryption attacks.
This means that stealing a laptop that is suspended or running can be exploited to gain access to encrypted files and protected networks, for instance. In fact, just having a moment of physical access to insert a thumb drive and press the power button is enough.
As a free software and data advocate, this is most frightening because it allows hardware and software vendors to leverage the fear and high risk involved to make a short-sighted push towards stronger DRM.
Funny, but I suddenly feel better about years of poor laptop suspend support in Linux!
Really interested to see what happens here.
-
Thanks Alex!
Disk encryption might not interest all of your readers. I bet they’d want to attack a DRM system or two with our techniques. That TPM chip isn’t as useful as once thought. Trusted boot paths don’t even need to be subverted with this type of attack.
Knowing what I know about software and hardware, I would stay away from any type of disk crypto promises in hardware unless you’re the NSA. Don’t trust anything unless you, or someone else you trust, can verify such claims.
I really encourage people to read our paper and view our video. The work is much more than a power cycle. It includes new methods for error correcting keys found in memory (accounting for decay and key detection), it includes simple techniques for cooling and in the future, we’re releasing all of our tools as Free Software.
-
“I bet they’d want to attack a DRM system or two with our techniques.”
I rather suspect groups working on hardware from the PS3 through the 360 to Blu Ray and the iPhone are currently studying your video *very closely*…:)
-
If anything this is just more support for “Doctorow’s Law”; DRM is inherently insecure. This RAM technique at first glance sounds like an equivalent of the “analog hole” for purely digital storage, and isn’t all that surprising to me. As long as you have the potential to solder connections into a PC’s data buses you can grab the data transferring thereby. Tinfoil hatters for a while have even talked about the potential for reading RAM contents solely based on the minute magnetic fluctuations that emanate from changing states on RAM chips. It’s great seeing an actual physical description of a working attack, however.
-
Thanks for linking to this very interesting article. I thought that RAM chips would only keep the information for a few milliseconds after being powered off, or at most a few seconds. I had no idea that it could take several minutes for the information to disappear, or even more if you cool them down.
As mentioned in the paper, it is possible to fix the problem for suspend/hibernate by clearing or encrypting the key in memory before suspending, and requiring the user to re-enter or decrypt the key before resuming the system. But this is not trivial to implement because of issues with graphics modes, etc. The problem is more serious for the common case of simply locking the screen, because programs keep on running in the background and usually want to access the disk even when the screen is locked. So simply locking the screen does not provide adequate protection and probably never will (except for the physical protection methods discussed in the paper)
Comments are now closed.
4 comments