On Sun, Oct 05, 2025 at 08:01:41AM +0200, Marco Moock wrote: > On 05.10.2025 07:50 Uhr tomas@tuxteam.de wrote: > > > *THIS* is exactly the scenario disk encryption will help you with, and > > nothing else. Assuming you're able to shut down before seizure. If > > someone gets your hardware in an "up and running" state, they still > > might get around, if they know what they are doing. > > As long as you lock the screen whenever leaving the machine, nobody can > easily log in. In this state, the login attempts can also be > rate-limited. If you have physical access, all bets are up. > Of course, it is possible to use security vulnerabilities in the running > OS. > > Getting the RAM content is also possible if the RAM is being frozen and > then removed from the motherboard. > > I haven't heard of that in real situations. https://en.wikipedia.org/wiki/Cold_boot_attack Now you have :-) Of course, this presupposes that the attacker thinks it's worth to dedicate some resources to it. But brute-forcing an argon2i PBKDF also needs some resources, and as I posted elsewhere here, it seems to have happened already. Cheers -- t
Attachment:
signature.asc
Description: PGP signature