>> The move, which cannot be carried out remotely, exploits a >> little-known vulnerability of the dynamic random access, or DRAM, >> chip. Those chips temporarily hold data, including the keys to >> modern data-scrambling algorithms. When the computerâs electrical >> power is shut off, the data, including the keys, is supposed to >> disappear. > I heard that before, but thought it is a hoax considering the fact > DRAM cells are being refreshed quite often (every 64ms?). Anyone > tried that?
I haven't tried the vulnerability described per se, but I can attest to the reality of some kind of memory effect; I've seen the kernel message buffer mostly survive a power-cycle after having been constant (as far as the RAM is concerned) for hours. Whether this is the effect described in the paper at hand or the "long-stored data skews the cell" effect I am not in a position to say. I find it plausible that frequent refresh is necessary to get the error rate down to within specs for the chip, but that less frequent refresh (seconds- or minutes-long) still preserves most of the data. (Consider that a bit error rate of, say, 2% is insanely high for normal use but quite low enough to be useful to an attacker.) /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML [EMAIL PROTECTED] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
