Alex Besogonov wrote:
> On Wed, Feb 18, 2009 at 4:52 PM, Isaac Dupree <m...@isaac.cedarswampstudios.org> wrote:
> > Alex Besogonov wrote:
> > But guess what? While your system is running, they can take out your RAM
> > and read it (disk-encryption key and all) before the RAM forgets its
> > contents, see e.g. http://blogs.zdnet.com/security/?p=900
>
> I know. But there's no way to guard against this attack, so there's no
> sense fretting over it for now.

Well, it's relatively straightforward for an attacker who knows what they're doing, so perhaps you should assume that *privacy* is at least partly compromised.

But the most that attack can achieve is observing? Can that attack make it so that, when the system starts running again, it will be in a compromised state?

- they can steal all crypto identity keys and try to run a completely different computer with different software there, if not for TPM
- I don't know how the magic of TPM knowing everything about the state of your computer works, maybe they can modify what's in memory and put it back and confuse things?

Also why does GRUB need to do any explicit interaction with TPM?

(I'm ignorant and unimportant here, but maybe it will edify people, to have this conversation.)

-Isaac

_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/grub-devel