An approach to mitigating the cold boot attack is known as " frozen cache " ( sometimes known as " cache as RAM " ), which disables the CPU's L1 cache and uses it for key storage.
32.
The authors recommend that computers be powered down, rather than be left in a " patch for Linux specifically intended to prevent cold boot attacks on RAM by ensuring encryption keys are neither user accessible nor stored in RAM.
33.
In February 2008, Felten and his students were part of the team that discovered the cold boot attack, which allows someone with physical access to a computer to bypass operating system protections and extract the contents of its memory.
34.
Microsoft Support article 102228 also confers that although the reset button is designed to perform a cold reboot, it may not disconnect the power to the motherboard a state that does not correspond to the cold boot definition given above.
35.
According to Jones, Landes, Tittel ( 2002 ), Cooper ( 2002 ), Tulloch ( 2002 ) and Soper ( 2004 ), on IBM PC compatible platform, a cold boot is a boot process in which the computer starts from a powerless state.
36.
However even where a TPM is used, a key would still be vulnerable while a software application that has obtained it from TPM is using it to perform encryption / decryption operations, as has been illustrated in the case of a cold boot attack.
37.
The study authors were able to demonstrate a cold boot attack to recover cryptographic keys for several popular disk encryption systems despite some memory degradation, by taking advantage of redundancy in the way keys are stored after they have been expanded for efficient use.
38.
The study authors were able to use a cold boot attack to recover cryptographic keys for several popular disk encryption systems, including FileVault, by taking advantage of redundancy in the way keys are stored after they have been expanded for efficient use, such as in key scheduling.
39.
Such attacks can be nullified if the encryption keys are not accessible at a hardware level to an intruder i . e ., the devices in which the keys are stored when in use are not amenable to cold boot attacks but this is not the usual case.
40.
Subgraph OS features a kernel hardedned with the Grsecurity and PaX patchset, Linux namespaces, and Xpra for application containment, mandatory file system encryption using LUKS, resistance to cold boot attacks, and is configured by default to isolate network communications for installed applications to independent circuits on the Tor anonymity network.