Pull Crypto Keys from My Cold (Dead) RAM Chips!

February 23rd, 2008

So perhaps you want to ensure the privacy of your computer files and encrypt them, or perhaps simply just encrypt the entire disk. You certainly can, but where do you store your crypto keys (on a USB stick?), in a TPM, encrypted on the disk? But at some point in time, it does not really matter, because the crypto keys will likely be copied to RAM so that they can be used to encrypt/decrypt the files… and it’s possible to dump the memory in RAM itself. So you may think that just powering off the PC will effectively erase the RAM – and your crypto keys are gone right? … well, not entirely, as some CS students at Princeton have revealed and was reported on news.com by politechbot journalist Declan McCullagh.

One thing I’ve always been curious about, is just “how long” does the data persist on “DRAM” chips after the system power is shut down. (When referring to “RAM” in a PC, this usually means DRAM or “Dynamic” RAM as opposed to SRAM or “Static” RAM, which has different properties.) Unfortunately I still do not understand the ‘exact’ physics details as to how RAM works (I assume it’s stored magnetic/electrical charge). What is fascinating to me though, is that the RAM can be read after power is lost and also that it can be read nearly perfectly for up to 10 minutes or longer after power loss if cooled properly! Peter Gutmann revealed this even back in his famous 1996 publication on secure deletion, but I’m impressed that students were able to finally test these results and publish them to the public!

Most Tech Friendly President

February 23rd, 2008

There are perhaps a few of you “tech geeks” out there reading this blog, but do you know who would be the most “tech friendly” candidate for President?! Based on this survey on news.com, it appears to be Ron Paul or Barack Obama. Actually, “Only Barack Obama and Ron Paul gave us forthright replies, and they deserve credit for their directness.” Both candidates gave nearly identical responses, however a few of Paul’s were emphasized as “strong no”! (I like his style!) The only question with notable differences, would be the net neutrality issue – and I feel that has solely to do with the format of the question. Ron Paul is the most “Net neutral” candidate because he wants the government to “keep their hands off” of it. As the question was posed:

Q: Congress has considered Net neutrality legislation, but it never became law. Do you support the legislation that was re-introduced in 2007 (S 215), which gives the FCC the power to punish “discriminatory” conduct by broadband providers?

This makes the question murky, because it’s questioning “Net neutrality” and then adding in that the FCC should decide if neutrality was achieved or not – instead of the courts! So I see that as a problem question. In the end, the Net should stay as neutral as possible to prevent creating “classes” of users and traffic, which is simply another tool for the telecoms to use to charge you more money. Read more for a brief background on Net neutrality. Read the rest of this entry »

Indiana Jones – is back!

February 23rd, 2008

Ok, remember when you were a kid and all the adults would ask you “what do you want to be when you grow up?” Well for me, I think it was always a mix between: McGuyver, James Bond, and Indiana Jones! I think the allure is still there for all three of these characters. When it comes to film trilogies though, I don’t think anything compares to Indiana Jones (and Star Wars) – great classic adventure film without any of the gratituous sex and violence – great for the whole family!

The next Indiana Jones film is set for May 22nd… I’m excited!!!

Dr. Ron Paul stands as THE TRUE PATRIOT

February 21st, 2008

Considering the PATRIOT ACT, one who stands up to defend and secure our liberties and due process of law is the true Patriot. See Ron Paul’s article on Reconsidering the Patriot Act. Even after the original sunset clause expired, many sections remained including the controversial topics as well as roving wiretaps and secret searches of records. See other Patriot Act controversaries.

Examine the controversaries of the Patriot Act, as well as those pieces that have been declared unconstitutional (requesting records without a court orderedsubpoena, as well as giving advice to terrorists)