BHDC11 - De-anonymizing Live CDs through Physical Memory Analysis

intrigeri intrigeri at
Fri Jan 14 23:36:45 UTC 2011


intrigeri wrote (13 Jan 2011 11:37:51 GMT) :

>> explicit ordered zeroisation is handy. (starting with keys and key
>> schedules, working cipher state, then on to user data, before
>> completing a full pass or three. this takes a smart kexec or other
>> ham fisted - still worth the effort.)

> The kexec idea seems brilliant to me: this is the best way I can
> think of to run the memory wipe process inside an environment where
> almost all of the memory is considered as being free.

> I have thus started implementing this idea in T(A)ILS. Thanks to
> Debian's initramfs-tools and kexec-tools, drafting an early
> prototype was quite easy. Stay tuned, more to come soon.

Now implemented in T(A)ILS "devel" Git branch (this email will
probably reach the list before I am able to push a few bugfixes and
polishing commits to the online repository, though => reviewers: you
are obviously welcome but please wait until you can fetch

Next steps are (help is warmly welcome):

  - test this code on bare metal (not done yet :/)
  - move this code into a new Debian package that would not depend on
    T(A)ILS at all; doing so would offer protection against memory
    recovery attacks to non-Live (GNU/Linux) systems users. I had this
    future step in mind while implementing this feature in T(A)ILS, so
    this should not be too hard a thing to do.
  - make the kexec-tools Debian package's initscripts behavior
    customizable enough so that we have less code to maintain

  intrigeri <intrigeri at>
  | GnuPG key @
  | OTR fingerprint @
  | Every now and then I get a little bit restless
  | and I dream of something wild.

More information about the tor-talk mailing list
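
Added example (not part of the original message and not T(A)ILS code): the wipe ordering from the quoted mail, keys first, then working cipher state, then user data, applied to buffers inside a user-space C process. The names wipe_class, region, secure_zero, wipe_ordered and demo are hypothetical and the sample buffers are constructed; the kexec step that leaves almost all memory free for a full pass is outside its scope.

```c
#include <stdlib.h>
#include <string.h>

/* Wipe priority, lowest value first: the order given in the quoted mail. */
enum wipe_class { WIPE_KEY = 0, WIPE_CIPHER_STATE = 1, WIPE_USER_DATA = 2 };
struct region { void *addr; size_t len; enum wipe_class cls; };

/* Zero through a volatile pointer so the compiler cannot discard the
   stores as dead writes to memory that is never read again. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

static int by_class(const void *a, const void *b) {
    const struct region *x = a, *y = b;
    return (int)x->cls - (int)y->cls;
}

/* Sort the regions by class, wipe them in that order, and record the class
   of each region as it is wiped (order_out may be NULL).
   Returns the number of bytes zeroed. */
size_t wipe_ordered(struct region *r, size_t n, enum wipe_class *order_out) {
    size_t total = 0;
    qsort(r, n, sizeof *r, by_class);
    for (size_t i = 0; i < n; i++) {
        secure_zero(r[i].addr, r[i].len);
        if (order_out) order_out[i] = r[i].cls;
        total += r[i].len;
    }
    return total;
}

/* Constructed sample: three buffers registered in the reverse of the wipe
   order. Returns 1 if they were wiped keys-first and all read back zero. */
int demo(void) {
    unsigned char key[32], sched[176], user[64];
    memset(key, 0xAA, sizeof key);
    memset(sched, 0xBB, sizeof sched);
    memset(user, 0xCC, sizeof user);
    struct region r[] = { { user, sizeof user, WIPE_USER_DATA },
                          { sched, sizeof sched, WIPE_CIPHER_STATE },
                          { key, sizeof key, WIPE_KEY } };
    enum wipe_class order[3];
    size_t n = wipe_ordered(r, 3, order);
    return n == 272 && order[0] == WIPE_KEY && order[1] == WIPE_CIPHER_STATE
        && order[2] == WIPE_USER_DATA && !key[0] && !sched[175] && !user[63];
}

int main(void) { return demo() ? 0 : 1; }
```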