[bhawks]

Yes it would - either through the free syscall or a process exit. This is a defense in depth strategy and not 100% perfect. If you yanked the power cord and a long lived process had sensitive data in memory you're still vulnerable. But if you had a clean power down or very short lifetimes of sensitive data being active in RAM it would afford you additional security.

[WalterBright]

?? Cutting the power means the RAM contents vanish.

[SllX]

They vanish eventually which is usually measured in seconds. This can be extended to minutes or hours if someone performs a cold boot attack: https://security.stackexchange.com/questions/10643/recover-t...

[l33t233372]

I find that phrasing weird.

A cold boot attack relies on a cold boot of the system to evade kernel protections(as opposed to a warm boot where the kernel can zero memory.)

The name has nothing to do with reducing the temperature of the ram to extend the time it takes bytes to vanish in ram.

[SllX]

I think it’s a little bit of column A and a little bit of column B, but admit while I remember reading about using technique a long time ago, I’m not sure of the history of the nomenclature. From the StackExchange:

> For those who think this is only theoretical: They were able to use this technique to create a bootable USB device which could determine someone's Truecrypt hard-drive encryption key automatically, just by plugging it in and restarting the computer. They were also able to recover the memory-contents 30 minutes+ later by freezing the ram (using a simple bottle of canned-air) and removing it. Using liquid nitrogen increased this time to hours.

[l33t233372]

Reducing the temperature of the RAM can be done to make a cold boot attack easier, but it’s not the origin of the name.

For more details, see the paper Lest We Remember.

[SllX]

Thanks, TIL! I'll check it out.

[WalterBright]

i didn't know that. Thanks!