ive seen a video somewhere, where somebody hit the dram with some freeze-spray, and then yanked it out of a running machine, and transplanted it to a new machineIn the ancient year of 1980 I started college at Northwest Nazarene College, majoring in Engineering Physics.The ram will be empty microseconds after the power is removed.
The physics lab had two identical Commodore PET computers, already obsolete. This model had a primitive frame buffer backed by dynamic RAM, possibly Intel 2116 with a 2 ms refresh cycle.
These PETS had the curious property of displaying old display data, retained in the DRAM, briefly as they rebooted. I remember playing (...I mean...conducting careful experiments) with this and being astonished how long some parts of the old data would persist during the powered off period.
the 2nd machine doesnt have secure-boot to restrict what can run, and was pre-configured to dump all ram to disk on boot
and with the freeze-spray, the ram retained the data long enough for the transfer
that then allows extracting ram contents from a running machine, even if secure-boot is enabled and it wont allow unsigned code
but thats far harder on an rpi, given how the ram is soldered in
and this would also guard against thatthe pi is allowed to sit in room temp for one hour, then given to the worlds most determined well resourced hackers
if the software hasnt been tampered with and is designed properly, it would never try to hide secrets in places like the eepromand wallet software known to be authentic is installed
and if some malicious software gets into the machine that can do that kind of thing, it could also just generate an insecure wallet from the start, seed the rng poorly, so you use a predictable wallet
the instant some malicious software is in the machine, its already game over, and you cant trust anything you do with the system until it has been fully erased
that includes things like trying to generate a new wallet
Statistics: Posted by cleverca22 — Thu Jan 16, 2025 2:39 am