On 2008-02-23 02:08, Atom Smasher wrote: > article below. does anyone know how this affects eli/geli? > > from the geli man page: "detach - Detach the given providers, which means > remove the devfs entry and clear the keys from memory." does that mean > that geli properly wipes keys from RAM when a laptop is turned off?
This is a physical attack, and there's nothing you can do in software to prevent it. Of course geli or other software can attempt to erase the keys from RAM as soon as it's done using them, but it won't prevent hijacking them beforehand. It's the same with all physical attacks: hardware sniffers, keyloggers, TEMPEST, etc. You need physical (hardware) protection to secure against these, not software. _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
