On Feb 22, 2008, at 02:25 , Jeremy Chadwick wrote:
[...]
Interesting tidbit: We have one production machine which when booted
into single-user via serial console for a world install, retains all
of
the output from that single-user session even once rebooted and
brought
back into multi-user mode. This poses a substantial security risk,
especially during the mergemaster phase (we can discuss why if
anyone is
curious).
--
| Jeremy Chadwick jdc at
parodius.com |
| Parodius Networking http://www.parodius.com/
|
| UNIX Systems Administrator Mountain View, CA,
USA |
| Making life hard for others since 1977. PGP:
4BD6C0CB |
This is more scary:
http://www.engadget.com/2008/02/21/cold-boot-disk-encryption-attack-is-shockingly-effective/
Which is the exact effect you are seeing.
Cheerio,
Bert JW Regeer
