Quote from: kmfkewm on January 04, 2013, 10:46 amQuote from: SelfSovereignty on January 04, 2013, 07:55 amQuote from: astor on January 04, 2013, 07:14 amIf you want to get really advanced, you could apply the TRESOR kernel patch, which puts the encryption key in the CPU registers, preventing them from being stolen from a memory dump, cold boot attack, etc.Just mentioning that if you have DDR3 RAM, which you probably do if the laptop isn't more than a year or two old, it's immune to cold boot attacks. Though I haven't actually tested that or anything... as for Unity... yeah. Fuck that. I gave it a chance, and my verdict stands: fuck that.First time I heard this claim although some googling shows that it has some support. I wonder if it continues to be immune if the attacker flash freezes the RAM. It seems the reason given for its immunity is because it clears its state in only a few seconds after power is cut, not giving an attacker enough time to transfer the RAM in a forensics laptop or even to reboot the system the RAM is in and load a live light weight forensics OS. However if they gain access to the computer and it is booted up, I imagine they can still freeze the RAM to dramatically extend the amount of time they have to put it into a forensics laptop or reboot the targeted system into a forensics OS. Also I cannot find any actual studies or experts talking about DDR3 RAM and cold boot attacks, only random people on the internet making claims about it. Thus, I am skeptical about the truth of this until someone shows me a study or a recognized expert saying something on the matter.Er, that doesn't sound good. Have I fallen prey to misinformation? The first mention I heard of it was in the comments on Bruce Schneier's site, and nobody refuted it. So I googled for like 20 seconds, decided it was decent info, and that was that. Apologies if I've steered everybody wrong, but you now know precisely my basis for saying this and can decide for yourselves.Edit: I use "google" loosely. Please do not bother harrassing whatever poor fools googled this stuff around the same time, you will not find me :P