How to move your /boot partition onto removable media.

Part of every traveler's threat model today should include the following scenario:

When you're trying to fly into or out of an airport en route to someplace else, it is entirely possible that the airport's security staff will take you aside for a more thorough search and questioning while your stuff is taken someplace out of your control and analyzed. We know that there are malware packages available today that booby-trap the boot device of laptop computers to install various forms of surveillance malware, which run the next time you start your machine up and compromise the OS even though …


Post-reboot memory dumping software released.

Last week, a group of information security researchers released a whitepaper detailing a practical data extraction attack on DRAM after the power's been cut. Unfortunately, Appelbaum et al. didn't release the source code for the utilities they used in the lab. One Wesley McGrew read the paper and decided to apply the scientific method by reproducing their experiments. This required developing utilities from scratch to extract data from powered-down DRAM, which he's done, and he has released the source code for them. The source is mostly in C with some inline assembly. It's dense and you really have to understand what's going on …
