Hello security gurus, this one's for you:

After shutdown, is it possible to recover the data stored on the Random Access Memory? Be it an ancient mounted ramdisk, a tmpfs mount point or normal data kept in memory by programs.

In many resources on the net (the Gentoo Wiki and Forums, other security-related HOWTOs), people suggest the use of tmpfs for the /tmp mount point. They say that since the temporary files are completely stored in RAM and on the eventually encrypted swap partition, it is secure. However, I have doubts as to the veracity of this fact.

For one part, one week ago my Computer Sciences professor said that "deleting the files in the evening doesn't help you at all, since the data is stored on your RAM and the police knows about it". He was talking about Windows, but - if true - this should also hold true for Linux. This got me curious.

Then, on the Gentoo Wiki (http://gentoo-wiki.com/SECURITY_Anonymizing_Unix_Systems), Van Hauser, the author of THC's secure-delete package, says "It [the RAM] can hold very sensitive information like the email you wrote before pgp'ing it, passwords, anything. To ensure, that the memory is cleaned, use the smem utility." And later on: "Now one problem is left. Even with normal RAM a well funded organisation can get the contents after the system is powered off. With the modern SDRAM it's even worse, where the data stays on the RAM permanently until new data is written. For this, I introduced a small tool for the secure_delete package 2.1, called "smem" which tries to clean the memory. This one should be called on shutdown." These comments triggered off this thread.

Consider that someone uses an encrypted swap and an encrypted root, with non-default cryptographic options. Also, in this discussion, please consider the case of a well-funded organization, say the police or a three-lettered organization.

Now, here's the worst case scenario. In the evening, you want to create a poster "NO Putins for Prime-Minister". You have everything encrypted on your system, so you feel OK. You fire up OpenOffice (just to complicate things) and write the text, then GIMP and open the image you want to use. Then you copy the text (say using clipman, on Xfce) to GIMP. You do modify the beautiful image to make it beautifuler. And save your gorgeous poster on the encrypted hard disk.

Using such programs will most surely leave you with the following: somewhere somehow temporary files of your .odt document, deleted temporary files of the .odt document, the hard disk copy of your poster, and more or less the same information in your RAM. On the former ones you feel OK: you've got an encrypted root and an encrypted swap. There's no breach (_is there?_).

So, to continue the worst case scenario, in the morning you find yourself confiscated together with your laptop by a three-lettered organization. For a moment, disregard the human rights problem.

First question: What about the RAM? After system shutdown, does the RAM still store your recent data and can it be recovered?

A second, more science fiction one (although I did stumble on the following link: http://hardware.slashdot.org/article.pl?sid=06/04/10/1451200): Can someone encrypt at a software level the data stored on RAM?

Third: Is smem -ll efficient? The man page (Gentoo edited, I imagine) states "Beware: BETA! smem is still beta."

Fourth: How can one deal with the data stored on RAM, and that before shutdown?

Thanks in advance if you can answer at least some of these questions.

Regards,
Liviu
--
gentoo-user@g.o mailing list
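As an added illustration of the approach the quoted smem description takes (overwrite free RAM before shutdown so nothing readable is left in it), here is a small C program in the same spirit; it is not code from this thread or from the secure-delete package. It assumes Linux/glibc, caps how much memory it claims so it can be run safely, and stops as soon as malloc fails because no free memory is left.

```c
#include <stdlib.h>

#define CHUNK_BYTES ((size_t)1 << 20)   /* claim free RAM 1 MiB at a time */

/* Overwrite p[0..n) through a volatile pointer so the compiler cannot drop the
 * stores as dead (a plain memset before free() may be optimised away). */
void secure_fill(void *p, size_t n, unsigned char pattern) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    for (size_t i = 0; i < n; i++)
        v[i] = pattern;
}

/* 1 if every byte of p[0..n) equals pattern, 0 otherwise (verification). */
int all_bytes_equal(const void *p, size_t n, unsigned char pattern) {
    const unsigned char *b = p;
    for (size_t i = 0; i < n; i++)
        if (b[i] != pattern) return 0;
    return 1;
}

/* smem-style scrub: claim up to max_bytes of free memory in 1 MiB chunks, hold
 * all of them (so the allocator cannot hand the same chunk back), overwrite each
 * with `passes` patterns ending in zeros, then release. Stops early when malloc
 * fails, i.e. when no free memory is left. Returns bytes actually overwritten. */
size_t scrub_free_memory(size_t max_bytes, int passes) {
    size_t want = max_bytes / CHUNK_BYTES, got = 0, total = 0;
    void **chunks = calloc(want ? want : 1, sizeof *chunks);
    if (!chunks || passes < 1) { free(chunks); return 0; }
    while (got < want) {
        void *c = malloc(CHUNK_BYTES);
        if (!c) break;               /* no more free memory to claim */
        chunks[got++] = c;
    }
    for (size_t i = 0; i < got; i++) {
        for (int p = 0; p < passes; p++)
            secure_fill(chunks[i], CHUNK_BYTES, p + 1 == passes ? 0x00 : 0xFF);
        total += CHUNK_BYTES;
    }
    for (size_t i = 0; i < got; i++) free(chunks[i]);
    free(chunks);
    return total;
}

/* Self-check: a buffer holding a constructed "secret" is wiped and verified. */
int wipe_is_verified(void) {
    char secret[64] = "poster text before pgp'ing it";   /* constructed sample */
    secure_fill(secret, sizeof secret, 0x00);
    return all_bytes_equal(secret, sizeof secret, 0x00);
}
```

Such a scrub only reaches memory the process can claim: pages still held by other processes or by the kernel are untouched, so it complements, rather than replaces, having each program wipe its own secrets (as `secure_fill` does) before freeing them. It also does nothing about whatever remains in the chips after power is cut, which is the part of the question that software alone cannot settle.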