Is FreeOTFE vulnerable to “Cold Boot Attacks on Encryption Keys” (aka “DRAM attacks”)?
No, it isn’t – assuming common sense is used. Description A “cold boot attack” involves rebooting a computer which has been handling sensitive information, and dumping contents of its memory out to a disk in order to try to examine information stored in memory immediately prior to rebooting. This form of attack is detailed at http://citp.princeton.edu/memory/ This attack is nothing new, and has been well known for a long time; despite the disproportionate amount of attention it’s now getting. Solution If you mount an OTFE volume, and simply walk away from your computer, the encryption keys used to secure your volume will be held in your computer’s physical memory (obviously). If someone reboots your computer at that point, there is a risk they could successfully recover your encryption key. However, it is not generally recommended that you simply walk away from your computer while you have volumes mounted – if anyone can come along and attempt to launch the above attack, THEY CAN SIMPL
