| |||||||||||||
Remotely wiping mobile phonesRemotely wiping mobile phonesPosted Sep 19, 2010 10:34 UTC (Sun) by Tet (subscriber, #5433)In reply to: Remotely wiping mobile phones by drag Parent article: Remotely wiping mobile phones I leave my laptop on all the time. Even when traveling it's suspended. Out of any modern device it's fairly trivial to pull encryption keys out of memory. Trivial, you say? I'd be intrigued to know how you plan to do this. Any halfway sane Linux distribution requires the decryption password to be entered when resuming from a suspended state.
(Log in to post comments)
Remotely wiping mobile phones Posted Sep 20, 2010 16:13 UTC (Mon) by pkern (subscriber, #32883) [Link]
While this might be true for hibernation (aka suspend to disk), I don't know of a Linux distribution that does it on suspend to RAM.
In theory it could instruct the kernel to wipe the encryption keys from memory at suspend time. However, the whole LUKS cryptsetup infrastructure runs in userspace to verify the correctness of the keys, which would require some parts of userspace in RAM to be working for key input. Chicken, egg.
But then this only applies to full disk encryption / root partition encryption, userspace filesystems like ecryptfs could get triggered to forget the keys and re-prompt the user, I suppose.
Remotely wiping mobile phones Posted Sep 28, 2010 13:37 UTC (Tue) by robbe (guest, #16131) [Link]
The plan:
* instruct the kernel to forget device keys before suspending * run a daemon that is able to ask the user for her passphrase, and reinstate device keys on resume * run without swap, or mlockall() all participating daemons/applications
Remotely wiping mobile phones Posted Sep 28, 2010 13:30 UTC (Tue) by robbe (guest, #16131) [Link]
I'd classify the difficulty as moderate, not trivial. See http://en.wikipedia.org/wiki/Cold_boot_attack
for details.
|
|||||||||||||