Cold Boot Attack - Mitigations - Power Management

Power Management

Shutting down a computer causes a number of well-known encryption software packages to dismount encrypted data and delete the encryption keys from memory. When a machine is shut down or loses power and encryption has not been terminated (such as in the event of sudden loss of power) data may remain readable from tens of seconds to several minutes depending upon the physical RAM device in the machine. Ensuring that the computer is shut down whenever it might be stolen can mitigate this risk.

For systems using the hibernation feature (ACPI state S4), the encryption system must either dismount all encrypted disks when entering hibernation, or the hibernation file or partition would need to be encrypted as part of the disk encryption system.

By contrast sleep mode (ACPI states S1, S2 and S3) is generally unsafe, as encryption keys will remain vulnerable in the computer's memory, allowing the computer to read encrypted data after waking up or after reading back the memory contents. Configuring an operating system to shut down or hibernate when unused, instead of using sleep mode, can help mitigate this risk.

Read more about this topic:  Cold Boot Attack, Mitigations

Famous quotes containing the words power and/or management:

    If your friend has displeased you, you shall not sit down to consider it, for he has already lost all memory of the passage, and has doubled his power to serve you, and, ere you can rise up again, will burden you with blessings.
    Ralph Waldo Emerson (1803–1882)

    Why not draft executive and management brains to prepare and produce the equipment the $21-a-month draftee must use and forget this dollar-a-year tommyrot? Would we send an army into the field under a dollar-a-year General who had to be home Mondays, Wednesdays and Fridays?
    Lyndon Baines Johnson (1908–1973)