Cannot Guarantee Zero Information on Physical Acquisition

RAM can be read some time after power is removed, or after a reset. We learned that with respect to laptops on suspend being insecure.

I don't see how running only from RAM makes this type of attack any harder ... in fact I think it would make it easier, because there is only one place something can be instead of two or more.

Now if the BIOS would scrub RAM effectively after powering up, that's one less vector to worry about. It means an attacker would have to also subvert the BIOS.