[ale] Letter of Volatility

Boris Borisov bugyatl at gmail.com
Sat Feb 1 11:14:02 EST 2014


What about when system goes into suspend mode or hibernate. The whole RAM
is getting dumped on hard drive.


That is why we need open source hardware. You don't know what these memory
controllers, north bridges and whatever they have in there could do.


On Fri, Jan 31, 2014 at 8:56 AM, Jim Kinney <jim.kinney at gmail.com> wrote:

> Almost. The row refresh rate is set to be faster than the decay rate. The
> decay rate is far longer (closer to an order of magnitude for total loss)
> but the rate is set to ensure no loss at all.
>
> It is possible to move RAM from one running system to a special system by
> using liquid nitrogen to freeze the RAM, quickly move RAM to special system
> that can start RAM refresh on a new populated slot without a reboot.
> Timeframe for this changes from nanoseconds to seconds. With liquid helium
> it changes to minutes.
>
> It's this time frame that is the security risk. It underlines the need for
> physical security of systems.
>
> I have a vague recollection of high security RAM that could detect being
> unplugged and it would discharge a capacitor across the banks to zap them.
>
>
> On Fri, Jan 31, 2014 at 8:41 AM, Matt Hessel <matt.hessel at gmail.com>wrote:
>
>> Technically RAM only maintains the contents as long as the row refresh
>> rate, which for DDR3 is measured in nano seconds.
>> On Jan 29, 2014 1:15 PM, "Greg Clifton" <gccfof5 at gmail.com> wrote:
>>
>>>  Maybe this is Off Topic, but it is computer related. So here is the
>>> deal, I have a RFQ to quote on some computers to go into a classified
>>> application and the customer wants a Letter of Volatility. Now, obviously,
>>> the mass storage will be removable, but they are concerned about any memory
>>> in the system. I take this to include both volatile SDRAM (DDR3) and any
>>> non-volatile memory such as the CMOS for the BIOS (is it possible that some
>>> bot could be lurking there that could grab data and send it out when the
>>> computer is turned on?).
>>>
>>> My question is basically, how long does DDR3 maintain any recoverable
>>> data once the power is turned off. I would assume that power should be
>>> totally removed (as in unplugged from the wall) so that there is not even
>>> 5V standby power, no?
>>>
>>> Comments and especially links to solid information would be appreciated.
>>>
>>> Thanks in advance,
>>> Greg Clifton
>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>>
>>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>>
>
>
> --
> --
> James P. Kinney III
>
> Every time you stop a school, you will have to build a jail. What you gain
> at one end you lose at the other. It's like feeding a dog on his own tail.
> It won't fatten the dog.
> - Speech 11/23/1900 Mark Twain
>
>
> *http://heretothereideas.blogspot.com/
> <http://heretothereideas.blogspot.com/>*
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140201/5e9530be/attachment-0001.html>


More information about the Ale mailing list