
Ubuntu offers full disk encryption relying on LUKS. An often recurring area of criticism is the fact that Ubuntu disables hibernation by default, while suspend-to-RAM stores the private keys in RAM. However, I wonder if this risk is meaningful in practice.

If your laptop is locked (i.e. showing the login screen), or the lid of your laptop is closed (and your laptop is configured to wake up on the lock screen), how could someone inspect the content of your RAM without having to reboot your computer?

It seems to me that, on the one hand, the attacker cannot switch to single-user mode without rebooting. He cannot even mount a USB key containing a brute-force script, since he does not have mount rights. Similarly, he cannot open a shell under your user (or any other user), since your computer is locked.

So my question is: is there a piece of hardware I am unaware of that would allow the content of the RAM to be inspected in a hot manner, without needing to power the device off to make hardware modifications?

The scenario I have in mind is the one of a determined adversary stealing a laptop.

Samuel
  • Only hibernate dumps the data to disk; therefore, in a standard stand-by scenario the RAM data is not encrypted and therefore insecure. – Overmind Apr 24 '19 at 07:58
  • See also [Recover the prior contents of RAM from a turned-off PC?](https://security.stackexchange.com/questions/10643/recover-the-prior-contents-of-ram-from-a-turned-off-pc) – Sjoerd Apr 24 '19 at 08:12
  • Why would an attacker want to avoid rebooting your system so badly? As I understand it, they can take out the RAM and plug it into another machine for reading. If they're fast enough (cold helps, but a lot is still recoverable even at room temperature if it's under 30 seconds or so, iirc), you can recover most data without using any special hardware. The laptop owner will only know the system crashed, not whether it was a bug or an attacker. Most people would assume it's a bug. Meanwhile the attacker just got the keys to your laptop. Seems a good trade-off for the attacker, in many situations. – Luc May 24 '19 at 11:06
  • @Luc I see, so RAM seems to be a meaningful problem in this threat model. The only hope is to surprise the attacker by trying to keep him unaware that encryption is being used, but someone experienced can reasonably be expected to plan for the circumstance. A realistic mitigation may be to choose a computer where, on the one hand, the battery needs to be removed to be able to disassemble it, and on the other hand, disassembly is not too easy, to slow down the attacker. – Samuel May 24 '19 at 11:27
  • However, if they are determined and know what they are doing, they'll have a manual of the laptop model in their hands, and will remove all the screwdrivers first before pulling the battery and rushing to disassemble the computer in under 30 seconds. So the real mitigation seems to be to turn the computer off whenever you leave the building. Or to put it in hibernation, which unfortunately does not enjoy perfect support in Ubuntu. Neither of these options is ideal. – Samuel May 24 '19 at 11:31

1 Answer


There seems to be hardware able to read the RAM: the Tribble card, and a couple of US government-related companies produce similar devices (source).

So yes, it could be possible, but it is very unlikely that regular thieves would have access to such specific hardware.

bradbury9
  • A lot of modern OSes defeat that attack by using their IOMMU. – forest Apr 24 '19 at 09:06
  • If my IOMMU understanding is right, IOMMU prevents software-based RAM attacks, not hardware-based hot attacks. – bradbury9 Apr 24 '19 at 09:13
  • A properly configured IOMMU prevents both. Each PCIe device has its own special "region" of memory that the BIOS gives it (defined in an ACPI table called DMAR). The IOMMU will enforce reads and writes so the PCIe device's DMA is only able to write to the DMAR regions. The Tribble device (and other troubling contraptions) make use of the assumption that DMA will be totally unrestricted over PCIe. – forest Apr 24 '19 at 09:16
  • Yet it is not bullet proof... [Bypassing IOMMU Protection against I/O Attacks](https://hal.archives-ouvertes.fr/hal-01419962/document) – bradbury9 Apr 24 '19 at 09:53
  • Very true. When it comes to IOMMU security research, it's always proper to say... _Hic sunt dracones_. – forest Apr 24 '19 at 09:55
  • @forest Your IOMMU knowledge looks better than mine, if you add another answer with a more detailed info, I would gladly delete mine. – bradbury9 Apr 24 '19 at 10:14
  • Let us [continue this discussion in chat](https://chat.stackexchange.com/rooms/92820/discussion-between-bradbury9-and-forest). – bradbury9 Apr 24 '19 at 10:22
  • There is also hardware where you just pull out the RAM (freezing it before helps to keep data longer) and then copy it without using the PC. Doesn't work for soldered RAM obviously. – Josef May 24 '19 at 11:44
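The comments above argue that a correctly configured IOMMU is what stands between a hot-plugged DMA device and the LUKS keys in RAM. The following POSIX shell script, an added example that is not part of the original answer or its comments, checks the three signals a Linux laptop exposes for this: whether the kernel has populated `/sys/kernel/iommu_groups` (the IOMMU is actually in use), whether `intel_iommu=on` or `amd_iommu=on` was passed on the kernel command line, and whether each Thunderbolt domain reports `iommu_dma_protection=1` (recent kernels expose this under `/sys/bus/thunderbolt/devices/domain*/`). The default paths are the real sysfs/proc locations; each function also takes a directory or file argument so it can be exercised against a constructed tree. The file name `dma_check.sh` is an assumption used only to decide when to print the report.

```shell
#!/bin/sh
# Added example: sanity-check IOMMU / DMA-protection state on a Linux laptop.
# Not from the original page. Paths default to the live system but are
# parameters so the checks can be run against a constructed sysfs tree.

# 0 if at least one IOMMU group exists (the kernel is actually using an IOMMU).
# An empty /sys/kernel/iommu_groups is the usual sign that it is off.
iommu_groups_present() {
    groups_dir="${1:-/sys/kernel/iommu_groups}"
    [ -d "$groups_dir" ] || return 1
    for g in "$groups_dir"/*; do
        [ -e "$g" ] && return 0
    done
    return 1
}

# 0 if the kernel command line explicitly turns the IOMMU on.
# Informational: some kernels/distros enable it without this flag, so the
# groups check above is the authoritative one.
iommu_requested_on_cmdline() {
    cmdline_file="${1:-/proc/cmdline}"
    [ -r "$cmdline_file" ] || return 1
    grep -Eq '(^|[[:space:]])(intel_iommu=on|amd_iommu=on)([[:space:]]|$)' "$cmdline_file"
}

# 0 if every Thunderbolt domain reports kernel DMA protection enabled,
# 2 if there is no Thunderbolt domain at all, 1 otherwise.
thunderbolt_dma_protected() {
    tb_dir="${1:-/sys/bus/thunderbolt/devices}"
    found=0
    for d in "$tb_dir"/domain*; do
        [ -d "$d" ] || continue
        found=1
        [ "$(cat "$d/iommu_dma_protection" 2>/dev/null)" = "1" ] || return 1
    done
    [ "$found" -eq 1 ] || return 2
    return 0
}

# Human-readable summary; exits 0 only when nothing looks exposed to DMA.
dma_check_report() {
    status=0
    if iommu_groups_present; then
        echo "IOMMU groups      : present"
    else
        echo "IOMMU groups      : none (IOMMU inactive, DMA unrestricted?)"
        status=1
    fi
    if iommu_requested_on_cmdline; then
        echo "kernel cmdline    : IOMMU explicitly enabled"
    else
        echo "kernel cmdline    : no intel_iommu=on / amd_iommu=on (may still be on by default)"
    fi
    rc=0
    thunderbolt_dma_protected || rc=$?
    case $rc in
        0) echo "Thunderbolt       : kernel DMA protection on" ;;
        2) echo "Thunderbolt       : no domains found" ;;
        *) echo "Thunderbolt       : kernel DMA protection OFF"; status=1 ;;
    esac
    return $status
}

# Only run the report when executed as the script itself (assumed file name),
# so the file can also be sourced for its functions.
case "$0" in
    *dma_check.sh) dma_check_report ;;
esac
```

A passing report only says the IOMMU is active and Thunderbolt DMA protection is on; as the linked paper notes, IOMMU deployments have had bypasses, and it does nothing against pulling the DIMMs, so treat it as a necessary rather than a sufficient check.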