Christopher Arnold <[EMAIL PROTECTED]> wrote: > > > > On Sun, 24 Feb 2008, Bill Moran wrote: > > > Or laptop vendors could make "secure" laptops that always lose memory > > on shutdown. > > > That dosn't really change anything, just don't shutdown the laptop.
It reduces the risk greatly when combined with other measures. For example, alter the sysctls so the lid switch powers the laptop off instead of putting it to sleep. This changes the scene a good bit, as it's guaranteed to be powered off when in storage and transport, which is when it is most likely to be stolen. > Cut an opening in the case and attach a probe to monitor memory access and > wait for the key being accessed. That attack only works if you can steal the laptop when it's powered on. With a unit known to be a security risk, it's going to be monitored while powered on, so it's less likely to be stolen at that time. As far as mitigation is concerned, there's not 1 or 0. But smart deployment can reduce the risks. -- Bill Moran Collaborative Fusion Inc. [EMAIL PROTECTED] Phone: 412-422-3463x4023 _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
