| 1 |
Hello security gurus, this one's for you: |
| 2 |
|
| 3 |
After shutdown, is it possible to recover the data stored on the |
| 4 |
Random Access Memory? Be it an ancient mounted ramdisk, a tmpfs mount |
| 5 |
point or normal data kept in memory by programs. |
| 6 |
|
| 7 |
In many ressources on the net (the Gentoo Wiki and Forums, other |
| 8 |
Security related HOWTOs), people suggest the use of tmpfs for the /tmp |
| 9 |
mount point. They say that since the temporary files are completely |
| 10 |
stored in RAM and on the eventually encrypted swap partition, it is |
| 11 |
secure. However, I have doubts as to the veracity of this fact. |
| 12 |
|
| 13 |
For one part, one week ago my Computer Sciences professor said that |
| 14 |
"deleting the files in the evening doesn't help you at all, since the |
| 15 |
data is stored on your RAM and the police knows about it". He was |
| 16 |
talking about Windows, but - if true - this should also hold true for |
| 17 |
Linux. This got me curious. |
| 18 |
|
| 19 |
Then, on the Gentoo Wiki |
| 20 |
(http://gentoo-wiki.com/SECURITY_Anonymizing_Unix_Systems), Van |
| 21 |
Hauser, the author of THC's secure-delete package, says "It [the RAM] |
| 22 |
can hold very sensitive information like the email you wrote before |
| 23 |
pgp'ing it, passwords, anything. To ensure, that the memory is |
| 24 |
cleaned, use the smem utility." And later on: "Now one problem is |
| 25 |
left. Even with normal RAM a well funded organisation can get the |
| 26 |
contents after the system is powered off. With the modern SDRAM it's |
| 27 |
even worse, where the data stays on the RAM permanently until new data |
| 28 |
is written. For this, I introduced a small tool for the secure_delete |
| 29 |
package 2.1, called "smem" which tries to clean the memory. This one |
| 30 |
should be called on shutdown. " These comments triggered off this |
| 31 |
thread. |
| 32 |
|
| 33 |
Consider that someone uses an encrypted swap and an encrypted root, |
| 34 |
with non-default cryptographic options. Also, in this discussion, |
| 35 |
please consider the case of a well founded organization, say the |
| 36 |
police or a three-lettered organization. |
| 37 |
|
| 38 |
Now, here's the worst case scenario. In the evening, you want to |
| 39 |
create a poster "NO Putins for Prime-Minister". You have everything |
| 40 |
encrypted on your system, so you feel OK. You fire up OpenOffice (just |
| 41 |
to complicate things) and write the text, then GIMP and open the image |
| 42 |
you want to use. Then you copy the text (say using cplipman, on Xfce) |
| 43 |
to GIMP. You do modify the beautiful image to make it beautifuler. And |
| 44 |
save your gorgeous poster on the encrypted hard disk. |
| 45 |
|
| 46 |
Using such programs will most surely leave you with the following: |
| 47 |
somewhere somehow temporary files of your .odt document, deleted |
| 48 |
temporary files of the .odt document, the hard disk copy of your |
| 49 |
poster, and more or less the same information in your RAM. On the |
| 50 |
former ones you feel OK: you've got an encrypted root and an encrypted |
| 51 |
swap. There's no breach (_is there?_). |
| 52 |
|
| 53 |
So, to continue the worst case scenario, in the morning you find |
| 54 |
yourself confiscated together with your laptop by a three-lettered |
| 55 |
organization. For a moment, disregard the human rights problem. |
| 56 |
|
| 57 |
First question: What about the RAM? After system shutdown, does the |
| 58 |
RAM still store your recent data and can it be recovered ?? |
| 59 |
|
| 60 |
A second, more science fiction one (although I did stumble on the |
| 61 |
following link: |
| 62 |
http://hardware.slashdot.org/article.pl?sid=06/04/10/1451200): Can |
| 63 |
someone encrypt at a software level the data stored on RAM? |
| 64 |
|
| 65 |
Third: Is smem -ll efficient? The man page (Gentoo edited, I imagine) |
| 66 |
states "Beware: BETA! smem is still beta." |
| 67 |
|
| 68 |
Fourth: How can one deal with the data stored on RAM, and that before shutdown? |
| 69 |
|
| 70 |
Thanks in advance if you can answer at least some of these questions. |
| 71 |
|
| 72 |
Regards, |
| 73 |
Liviu |
| 74 |
-- |
| 75 |
gentoo-user@g.o mailing list |
Archives