I don't know how this works but does this mean if someone gained physical access to your locked running computer, they could gain access to your full encrypted drive and anything saved on disk?
My reasoning there is if you used an encrypted drive, the decryption key you type when booting up would be stored in memory for the duration of that boot.
This seems alarming because it means if someone broke into your living quarters they can bypass all forms of disk encryption if your machine was on and locked. Encrypting your disks seems like a reasonable thing to want to do with consumer grade hardware.
Physical Access to a computer is almost always the fastest and easiest way to crack it down. Additionally, both Windows's BitLocker and Linux's dm-crypt are data at "rest" encryption. They are not responsible for the safety when your machine boots up. MAC and user password are the proper method when it's running.
If they have liquid nitrogen and a memory dumping boot disk, or a memory bus interceptor.
Is this still a viable attack in 2026?
See https://en.wikipedia.org/wiki/Cold_boot_attack
Yes. Also depending on the implementation (ie if it's not an outdated Intel machine) it is presumably also vulnerable to snooping the memory bus while it's running. Note that this active attack applies regardless of encryption and impacts even enterprise SKUs. https://tee.fail/
if you have liquid nitrogen and a memory dumping boot disk, or a memory bus interceptor
This feature was off by default in all the mobos I've seen.
It causes many stability issues, as to my experience.
The attack is sophisticated, Mr.Nobody, generally, should not worry about expensive cryogenic attacks - three letter guys would extract your key with a wrench.
I mean the change is bad - it undermines already damaged trust, but the "average Joe" is extremely unlikely to be affected directly.
There are many much cheaper ways to force you to give up your keys.
> three letter guys would extract your key with a wrench.
Are people still using this to justify no encryption? that comic sure did a lot of damage.
Mr. Nobody should be able to decide how much they want to protect themselves. If it's unstable maybe Mr Nobody is fine with it.
Raising the cost of achieving this to enterprise budgets, just because, seems suspect. Specially when there are so many attempts to undermine secure computing by the powers that be. [1] [2]
> There are many much cheaper ways to force you to give up your keys.
Yes, but that requires the Mr Nobody knowing you have access to them, which in itself is a big deal.
But let's think about it, why would they torture Mr Nobody by wrench? News stations would like to hear that, or do you think they will make Mr Nobody disappear too? Would they take those risks for a Mr Nobody?
Maybe the most realistic scenario is that people sometimes can hold onto their passwords. Scumbag or not. [3]
[1] https://en.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_d... [2] https://en.wikipedia.org/wiki/Chat_Control [3] https://arstechnica.com/tech-policy/2020/02/man-who-refused-...
So we're shaving yaks here but instability undermines nonrepudiability. Mr. Nobody might welcome deniability in the appropriate circumstances...
I would honestly them have rather communicated this first clearly.
Unless you live in North Korea, China, Russia, UK, France, Australia or Ireland it’s still illegal to coerce or force someone to give up their personal keys or passwords, so this feature is still useful against some law-bound adversaries in free countries.
Well, I live in Ireland but not sure what you refer to.
Something being illegal does not imply it doesn't happen though.
law in question: https://www.irishstatutebook.ie/eli/2017/act/11/section/7/en...
and recent Supreme Court decision that upheld its constitutionality:
https://www.algoodbody.com/insights-publications/password-pr...
What are you trying to prove? He never said you're wrong, just the fact that something is illegal doesn't mean that it won't happen to you, just that it's illegal - those are just words written in a book somewhere. Even so-called law bound adversaries break the law all the time. A cop beating you senseless or breaking into your home is illegal, but it happens all the time. You're welcome to sue after the fact.
This is not relevant to memory encryption, after all the police could just plant any false evidence. You use video camera/CCTV and other evidence gathering to document such illegal police action.
Suing after the fact is a valid strategy and in free countries this would allow you to exclude illegally obtained evidence or evidence lacking proper chain of custody.
If you sue them they will just beat you with a wrench again. Courts are imaginary. You should stop resisting. /s
The West just a few years ago declared that at airport entry points, no one is including their citizen is not protected by any law when it comes to providing access to your private stuff.
Don’t bring your sensitive data to airports.
In a previous administration they apparently concluded that while the government can't violate your first amendment free speech rights, they can ask a third party to do so. So what makes you think that the CIA won't hire blackwater or the crips to hit your toes with a ball peen hammer until you tell them what you want to know, and then walk away having not violated your constitutional right to privacy and not incriminate yourself?
I don’t want to get into specifics because ultimately it just comes down to the logical argument that just because a strategy is not by itself successful against all possible threats it doesn’t mean it’s worthless. By this logic you wouldn’t lock your front doors.
>It causes many stability issues, as to my experience
In my experience it very much does not, ram instability with this feature indicates a hardware issue same as with ECC.
>Mr.Nobody, generally, should not worry about expensive cryogenic attacks - three letter guys would extract your key with a wrench.
This is disingenuous framing. There exist valid threat models for average people between thieves and three letter agencies. Police forces and organized crime have been known to use ram freezing, the former is not known for wrench attacks. That scenario is only good for hand waving real concerns anyways.
Well, I've experimented with this feature on several platforms (both ECC and non-ECC) starting with TRX40, most of the times I've been just getting hard freezes at GPU driver initialization. If it boots - it usually hangs when a VFIO VM spins up.