[oceanplexian]

I would think you'd do the exact opposite.

If you leave a computer running anyone (Well "anyone" being a skilled adversary) can simply pull out the RAM and grab encryption keys in clear text. Law enforcement does this so often, it's practically routine. The only "safe" system is one that has been long powered off and is using tried and true cryptography, ideally open-source FDE that's been fully audited.

[gzer0]

Mullvad is fully open source, with the source code provided here [1], which has also undergone multiple rounds of audits with the reports available to the public [2][3].

[1] https://github.com/mullvad

[2] https://mullvad.net/en/blog/2021/1/20/no-pii-or-privacy-leak...

[3] https://cure53.de/pentest-report_mullvad_2021_v1.pdf

[OJFord]

It's a shame the API isn't open though. I maintain a Terraform provider for it, but it has to come with a fat warning that it can break due to (reversed) API changes, and that fixing it may require breaking changes or even not be feasible etc.

[WhitneyLand]

It’s practically routine for law enforcement to extract encryption keys from RAM, since when?

I’ve only heard of it being done by researchers and/or special situations.

Is this just speculation?

[vladvasiliu]

> can simply pull out the RAM and grab encryption keys in clear text

Leaving aside the leg work "simply" does here, especially in a coffee shop environment: would AMD's "encrypted memory" help against these kinds of attacks?

I have a laptop with an AMD Zen 3 Pro CPU that has this option in the BIOS and was wondering whether it actually did any good, as opposed to being just some marketing shtick.

[RainaRelanah]

Interesting, I didn't know this was a thing, but after some cursory research it does seem like part of its use case is to stop this attack vector.

[Kototama]

FDE is not enough against physical access, see the evil maid attack.

[oceanplexian]

Well obviously, FDE also doesn't protect you if someone is standing over your shoulder reading you type the password. The point is that leaving a machine turned on, while not in your physical possession puts all of your data at risk. My company would freak if I did this and I don't even work in the security space.

[Kototama]

As you know, the evil maid attack is something different. It's better to be precise and not give a false-sense of security to readers who may be less informed about this subject.

[codewiz]

Full disk encryption won't prevent "evil maid" attacks where keylogging hardware is interposed between the keyboard and the main board, or the entire board is swapped with one with firmware enabling remote "management".

[matheusmoreira]

> pull out the RAM and grab encryption keys in clear text

How to defend against this?

[sodality2]

Shut down your device, don't leave it on at all times. I don't know if there's a way to suspend and encrypt RAM though. But other than that, there's no way to keep a computer running without the miscellaneous data being kept in RAM

[deno]

Besides memory encryption (AMD PRO & Epyc) you can zero-out in-use memory keys before suspend & restore on resume, preferably using sealed storage, like TPM. This is ‘the’ reason to prefer home encryption vs. full disk. The thing is if someone is prepared to attack your laptop with liquid nitrogen they might as well just wait for you to unlock your laptop and then steal it right there, or watch you type in your password; better get your privacy blanket ready ;) Not having physical security is a huge disadvantage, and there’s really no way around it—you automatically start in the defeated position, and have to stack gizmos just to break even.

[goodpoint]

there are methods to store keys in RAM in encrypted form and decrypt them only on the cache and CPU registers

[brobinson]

Talked about a bit here: https://youtu.be/pKeiKYA03eE?t=963

Using debug registers to hold an AES key purely in the CPU is genius.

[tenebrisalietum]

What if I have some sort of trigger (accelerometer attached to a door connected to a serial port, for example) that makes the system kexec to memtest86 before the system is taken?

[goodpoint]

> pull out the RAM

...which could be soldered. Plus, there are methods to store keys in RAM in encrypted form and decrypt them only on the cache and CPU registers.

[hatware]

> simply pull out the RAM

One does not simply pull out the RAM