Quote from: kmfkewm on May 25, 2012, 12:09 amIt isn't that low risk, specialized police do cold boot attacks all the time.http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10641927hm there was a news article not that long ago where police were talking about internet drug scene using encryption, and how they are starting to train agents to get memory while it is still live, but I can't find it right now. They talked about several of their tactics for getting to encryption keys in memory though. www.ncjrs.gov/pdffiles1/nij/219941.pdfthere is a LE guide for first responders on how to deal with memory in ways that maximize the chance of obtaining encryption keysThanks for this article, it was most interesting!I see that in this case this man Moore had a huge kiddy porn collection which he managed from an external hard drive. Some undercover police in NZ kept him busy chatting on IRC while his their buddies moved in. Moore desperately tried to switch off his machine but they restrained him in time.I daresay none of us will shed a tear that there's one less CP distributor walking the streets but it seems Moore had poor physical security as he had flatmates and his girlfriend living with him at the time any one of whom could have let the investigators in - this would mean that he wouldn't have had the minute or so's warning that comes from hearing your door being battered down.Interestingly enough he was originally tracked down by US Investigators - I can only assume he didn't Torify his connection to the IRC channels he managed? Another blunder he seems to have made is stored details of further passwords on the external drive itself, which of course allowed them to unlock more of his files. It seems it only took five days for LE in New Zealand to retrieve incriminating information. The logic of writing down a list of all one's passwords and protecting them with a single password seems to be that you can store passwords much longer than those you can remember in your head. My own solution which I posted about in a separate thread is to use an old school book cipher to protect your password list which would be impossible to crack without the associated key text and also doesn't have to be stored on your computer - I don't want to veer too far off topic but the above article is a clear example of why protecting all your passwords with a single one is a bad idea!V.