Re: [BLUG] BLUG at IU Linuxfest, Friday Oct 10

Sounds great! Yes, there will be power available and I'd love to have
somebody else around. If you get there and can't find us, we'll be
sharing booth space with the School of Informatics.

I'd love and Edubuntu demo, I haven't messed with it myself.

Dave Cooley
dcooley@kiva.net

James Marple wrote:
> Well i can be there but i haven't really met anyone yet due to
> meetings being on tuesday's.
>
> Are you going to have power available can bring a demo of edubuntu . I
> have been setting up some machines with it for Penny Lane West the
> kids love the games it has .
>
>
>
> Dave Cooley wrote:
>> All-
>>
>> This coming Friday (October 10) is IU Linuxfest in Alumni Hall inside
>> the Indiana Memorial Union. From what I've heard, it's likely this
>> is the last year for Linuxfest (at least in its current form) as the
>> group that sponsors it is going away.
>>
>> BLUG will have a booth there. I'm taking the day off from work, and
>> will be there all day (10a-4p). Is anyone else free that day (or
>> part of the day) to join me?
>>
>> I think our only goal at Linuxfest should be to spread awareness of
>> BLUG and tell people what we do (presentations, socializing,
>> networking, FLOSS advocacy, etc). I think I'll just borrow a table
>> from my office, and maybe print out some flyers or something to give
>> to people. Anyone else have any ideas (that can be pulled together
>> in a week)?
>>
>> If anybody would care to join me, I'd love it. Let me know when you
>> can be there, or just drop on in as you please. Sorry there's not
>> more notice, this all just came together sort of last-minute.
>>
>> Here's a link to the IU Linuxfest Page:
>> http://rtinfo.indiana.edu/linuxfest/
>>
>>
>
>
>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] BLUG at IU Linuxfest, Friday Oct 10

Well i can be there but i haven't really met anyone yet due to meetings
being on tuesday's.

Are you going to have power available can bring a demo of edubuntu . I
have been setting up some machines with it for Penny Lane West the kids
love the games it has .

Dave Cooley wrote:
> All-
>
> This coming Friday (October 10) is IU Linuxfest in Alumni Hall inside
> the Indiana Memorial Union. From what I've heard, it's likely this is
> the last year for Linuxfest (at least in its current form) as the
> group that sponsors it is going away.
>
> BLUG will have a booth there. I'm taking the day off from work, and
> will be there all day (10a-4p). Is anyone else free that day (or part
> of the day) to join me?
>
> I think our only goal at Linuxfest should be to spread awareness of
> BLUG and tell people what we do (presentations, socializing,
> networking, FLOSS advocacy, etc). I think I'll just borrow a table
> from my office, and maybe print out some flyers or something to give
> to people. Anyone else have any ideas (that can be pulled together in
> a week)?
>
> If anybody would care to join me, I'd love it. Let me know when you
> can be there, or just drop on in as you please. Sorry there's not
> more notice, this all just came together sort of last-minute.
>
> Here's a link to the IU Linuxfest Page:
> http://rtinfo.indiana.edu/linuxfest/
>
>

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] Improving the boot time

On Sat, Oct 04, 2008 at 06:33:02AM -0600, Abhishek Kulkarni wrote:
> RAM scans during POST can mitigate cold boot attacks as long as they do a
> complete read/write test erasing/zeroing the memory. The DRAM is known to
> retain its memory even after power cycling by a quick reboot. An attacker could
> typically dump the contents of the DRAM to get to the encryption key used for
> encrypting the disks. I am just not sure how much a TPM helps here. "Quickboot"
> options skip memory checks on startup for a faster boot time but leave the
> system open to such type of attacks.

You are correct. Does the RAM check just do a read test, or is
it write/read? Truthfully, I don't know -- and it may vary by BIOS
manufacturer. They likely consider it a trade secret much the same way
that people considered the exact amount of food in a can to be a trade
secret back in the old days.

However, anything that causes the RAM to heat up, and slows down the
boot process provides some level of support in mitigating cold-boot
attacks.

All I need to do is make the attacker think, "Oh shoot. This is going to
take too long, and it is erasing the data now!" The ultimate goal is to
provide not only enough security but enough noticable security. It could
be considered on par with a security sign out front.

Ultimately, what I consider is powering down your machine 5-10 minutes
before you ever leave it alone. (This accepts the fact that leaving
laptops alone in your hotel room will likely happen at some point during
a conference.)

> Most legacy BIOSes and even the "secure" EFI are susceptible to these attacks.
> I believe an open solution like coreboot proves to be the best option in the
> long run.

I agree. Open solutions are usually the best.

Cheers,
Steven Black

> On Sat, Oct 4, 2008 at 4:32 AM, Scott Blaydes <sblaydes@sbce.org> wrote:
>
> Does the RAM scan actually have anything to do with security, or just PC
> health?
>
> Thank you,
> Scott Blaydes
>
> Steven Black wrote:
>
> It is interesting.
>
> On a personal note, I have all my machines configured in such a manner
> so as to slow down the boot. -- As a security precaution I have all
> the RAM on all my machines scanned at boot-time. I actively discourage
> people from using the "QuickBoot" BIOS options.
>
> Cheers,
> Steven Black
>
> On Thu, Oct 02, 2008 at 10:11:14AM -0600, Abhishek Kulkarni wrote:
>
> Just stumbled upon some interesting stuff here http://
> www.fenrus.org/plumbers_fastboot.ppt
>
> I just clocked the booting time on my notebook (Dell Vostro 1400),
> it takes
> more than 90 seconds!
>
> -- Abhishek

Re: [BLUG] Improving the boot time

Yes, it helps with security.

When a machine is powered off it doesn't immediately clear the RAM. If
you cool the RAM and use an external boot device which copies all the
RAM to a file you can steal hard drive passwords which were cached in
memory. Yes, this includes any other passwords also cached in memory at
the time.

With the quickboot BIOS option, this task can be done quickly via a USB
thumb drive without clearly drawing attention.

By disabling quickboot and having my RAM scanned, it clears my memory at
boot time. While this doesn't help if they have a compatible computer
they can drop the RAM in to, it does help if they have time constraints
and they're relying upon the fact that most systems are not set to scan
the RAM.

While I also password-protect my CMOS configuration, and encourage
people to lock out other boot options on laptops, it is about layers of
protection. Plus, my idea is to deter people quickly. There's no doubt
about what is happening or the time it will take when a machine starts
a RAM check. Make it clear that there are easier fish, and they're more
likely to walk away sooner.

Cheers,
Steven Black

On Sat, Oct 04, 2008 at 05:32:38AM -0500, Scott Blaydes wrote:
> Does the RAM scan actually have anything to do with security, or just PC
> health?
>
> Thank you,
> Scott Blaydes
>
> Steven Black wrote:
>> It is interesting.
>>
>> On a personal note, I have all my machines configured in such a manner
>> so as to slow down the boot. -- As a security precaution I have all
>> the RAM on all my machines scanned at boot-time. I actively discourage
>> people from using the "QuickBoot" BIOS options.
>>
>> Cheers,
>> Steven Black
>>
>> On Thu, Oct 02, 2008 at 10:11:14AM -0600, Abhishek Kulkarni wrote:
>>> Just stumbled upon some interesting stuff here
>>> http://www.fenrus.org/plumbers_fastboot.ppt
>>>
>>> I just clocked the booting time on my notebook (Dell Vostro 1400), it takes
>>> more than 90 seconds!
>>>
>>> -- Abhishek
>>>
>>
>>> _______________________________________________
>>> BLUG mailing list
>>> BLUG@linuxfan.com
>>> http://mailman.cs.indiana.edu/mailman/listinfo/blug
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> BLUG mailing list
>> BLUG@linuxfan.com
>> http://mailman.cs.indiana.edu/mailman/listinfo/blug
>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug

--
Steven Black <blacks@indiana.edu> / KeyID: 8596FA8E
Fingerprint: 108C 089C EFA4 832C BF07 78C2 DE71 5433 8596 FA8E