[ale] Letter of Volatility

Dustin Strickland dustin.h.strickland at gmail.com
Wed Jan 29 14:37:07 EST 2014


Yes, actually... I can't remember the name of the procedure, but
according to my recollection you have anywhere from 3-7 seconds.
Assuming the cover's already popped off, that's plenty of time.

There was also a paper I read about using the TPM to cloak malware...
Very much worth a read. Although I don't know if this exact
vulnerability is present in TPMv2, I would have to assume it either is
or a similar one exists.

http://www.cs.utexas.edu/lasr/download.php?uid=17

On Wed, 29 Jan 2014 14:27:00 -0500
Pete Hardie <pete.hardie at gmail.com> wrote:

> Hasn't the Snowden leak already revealed that the NSA has something
> like that?
> 
> 
> On Wed, Jan 29, 2014 at 2:19 PM, Greg Clifton <gccfof5 at gmail.com>
> wrote:
> 
> > Thanks, Jim. I pretty much figured that the keep alive time would be
> > pretty short for SDRAM. But you know how anal the government-types
> > can be sometimes [always?]. The facts don't matter so much as the
> > DOCUMENTATION of the facts. Isn't that why the govt. uses RHEL
> > instead of CENTOS? I.e., if you did all the same hardening
> > procedures to a CENTOS box that you did to a RHEL box they would be
> > equally secure, but the CENTOS box would not be CERTIFIED, correct?
> >
> > Would it be possible for a bot/virus/trojan to be loaded into BIOS
> > that could then grab info when the system is up and running? If it
> > is possible, they will be concerned about that and it will need to
> > be addressed in the LoV letter.
> >
> >
> > On Wed, Jan 29, 2014 at 1:57 PM, Jim Lynch
> > <ale_nospam at fayettedigital.com>wrote:
> >
> >>  On 01/29/2014 01:13 PM, Greg Clifton wrote:
> >>
> >> Maybe this is Off Topic, but it is computer related. So here is
> >> the deal, I have a RFQ to quote on some computers to go into a
> >> classified application and the customer wants a Letter of
> >> Volatility. Now, obviously, the mass storage will be removable,
> >> but they are concerned about any memory in the system. I take this
> >> to include both volatile SDRAM (DDR3) and any non-volatile memory
> >> such as the CMOS for the BIOS (is it possible that some bot could
> >> be lurking there that could grab data and send it out when the
> >> computer is turned on?).
> >>
> >>  My question is basically, how long does DDR3 maintain any
> >> recoverable data once the power is turned off. I would assume that
> >> power should be totally removed (as in unplugged from the wall) so
> >> that there is not even 5V standby power, no?
> >>
> >>  Comments and especially links to solid information would be
> >> appreciated.
> >>
> >>  Thanks in advance,
> >> Greg Clifton
> >>
> >>
> >>  Dynamic memory is volatile.  I suspect the data remains for a
> >> period of time measured in milliseconds.  Not nearly enough time
> >> to unplug and get it to another system.  Unless of course you buy
> >> non-volatile DDR memory.
> >>
> >> One reference:
> >> http://en.wikipedia.org/wiki/Dynamic_random-access_memory
> >>
> >> _______________________________________________
> >> Ale mailing list
> >> Ale at ale.org
> >> http://mail.ale.org/mailman/listinfo/ale
> >> See JOBS, ANNOUNCE and SCHOOLS lists at
> >> http://mail.ale.org/mailman/listinfo
> >>
> >>
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> >
> >
> 
> 


More information about the Ale mailing list