FOSDEM is the biggest free and non-commercial event organized by and for the community. Its goal is to provide Free and Open Source developers a place to meet. No registration necessary.

   
Speakers
Carl-Daniel Hailfinger
Schedule
Day Sunday
Room Lameere
Capacity 500
Start time 14:00
End time 14:30
Duration 00:30
Info
Track Embedded devroom

Cold boot attacks on RAM readout

Ways to circumvent most known protection methods, and ways to protect the RAM contents even for unmodified operating systems

RAM readout attacks are a nice way to recover encryption keys etc... from computers which are still running, but where you lack proper access rights. The same applies to recently powered off computers. This works by cutting power to the computer and moving the RAM to another special machine which is able to read out RAM modules without overwriting anything. Both new attack vectors and defense mechanisms will be discussed.

New attack: Various hardware-based mitigation schemes have been discussed in literature, but most of them can be circumvented easily with a new method presented in this talk.

Better Defense: Unmodified operating systems offer no way to safeguard RAM contents on regular shutdown, and even modified OS often have to keep some parts of RAM unaltered to allow regular poweroff. A way to ensure RAM clearing on poweroff for unmodified x86 OS will be demonstrated, and its safety and impact will be discussed.

Events that start after this one (within 30 minutes):

When Event Track Where
14:30-15:00 Really fast x86 boot Embedded Lameere
14:30-15:00 PHP.reboot Free Java AW1.125
14:30-15:00 Who the bloody hell cares about Debian? CrossDistro H.1302
14:30-15:10 Asterisk SCF Development Interfaces Open Source Telephony AW1.124
14:30-15:15 The next desktop is the browser! Crossdesktop H.1309
14:30-15:15 Processing XML with dynamic languages/Perl Perl AW1.126
14:40-14:55 XWiki: Annotating documents, the eXtensible wiki way Lightning Talks Ferrer
14:40-15:00 USB redirection over the network New challenges in Virtualization AW1.105
14:45-15:30 Lightning Talks Mozilla H.1301
14:45-15:30 Helping out in the calc core LibreOffice H.2214
14:45-15:40 Opengazer, dasher and ticker: hands-free error tolerant communication Accessibility AW1.121
15:00-16:00 Enlightenment Foundation Libraries - for developing shiny, fast, and light applications on embedded targets. Embedded Lameere
15:00-15:15 Mongrel2: Lighting up IPv6 Lightning Talks Ferrer
15:00-15:20 View-OS: userland namespaces? New challenges in Virtualization AW1.105
15:00-15:30 ZYpp your distro CrossDistro H.1302
15:00-15:45 Get ready for the PostgreSQL Extension Network PostgreSQL H.2213
15:00-15:45 Configuration management for developers Configuration & Systems Management AW1.120
15:00-15:50 Linux Disaster Recovery as a Service (with rear) Cloud Chavanne
15:00-15:50 WebODF: an office suite built on browser technology Office Janson
15:00-16:00 How to make QA-engineers start drooling CrossDistro H.1308
15:00-16:45 LPI Exam 5 Certification Guillissen