On Fri, Feb 18, 2011 at 05:17:57PM +0000, Kevin Chadwick wrote:
> On Fri, 18 Feb 2011 16:17:25 +0100 Joachim Schipper wrote:
> > On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote:
> > > does it exist?
> > 
> > Not yet.
> 
> Hibernate offers more integrity of user data but it's a lot less
> secure, discounting the boot viruses like the one mentioned on P.
> Hansteen's site that may? be hindered by power removal. (Anyone heard
> more about those or how that one worked?)

Actually, if one could specify an encryption password for the memory
written to disk, a stolen hibernating system would be less dangerous
than a running/ACPI-sleeping system because it's suddenly impossible to
get interesting data from the system memory. Interesting data like the
keys in ssh-agent or a softraid decryption key.

Read e.g. http://citp.princeton.edu/pub/coldboot.pdf for a very readable
introduction to rip-your-memory-out-of-your-machine attacks (figure 4 is
particularly nice); in particular, note that such attacks are quite
feasible.

Despite the common "with physical access, all bets are off" wisdom,
physical attacks can actually be defended against quite well - *if* the
system is turned off when they are carried out and never turned on
again.

                Joachim

-- 
PotD: net/fping - quickly ping N hosts w/o flooding the network
http://www.joachimschipper.nl/
