Szerző: flapflap Dátum: Címzett: tails-dev Tárgy: Re: [Tails-dev] memory wipe at shutdown # of wipes
TARIQ ADAMS: >
> Interesting.... Are there any plans
> to wipe the controller memory for Li-ion batteries? I remember reading of a
> battery firmware hack by Charles Miller at Blackhat. Seems to be an ideal place
> to hide exfiltrated data (or malware) if there's writable memory since there's
> always some power. I think this is the most obvious hardware threat to TAILS,
> especially if it's an internal
> battery.
It's sad, but as soon as the underlying hardware is compromised Tails
can't do anything about it.
Let's assume a healthy hardware and Tails, then the memory erasure is --
and only can be -- a /preventative/ feature:
It makes it hard(er) for an attacker to get access to the data that was
processed within Tails.
Also, if Tails gets compromised it can't do anything too: the attacker
just gained control over the machine and can install the malware on the
USB stick, the DVD drive firmware, the HDD firmware, the BIOS, (as you
said) the battery firmware, the monitor EEPROM, and maybe some shady
"feature" of modern CPUs... basically everywhere.