In a previous post I covered the cold boot attack paper written by the good people
at Princeton. One thing that they mentioned was that they built an application that can
dump the data stored in RAM yet they aren’t publishing as it may be used to cause harm…
Well guess what?
Someone else built one and published it-Just for the fun of it.
Wesley McGrew built it and he publishes it on his blog, calling the application msramdmp…
Before publishing this post I thought to myself,is Wesley ethical to create such a tool and
provide it freely?
Am I ethical to give it additional publicity? I mean it is one thing to know that something might be done
yet providing the tools is a different ball game. To be honest, I think that by releasing such a
tool and bringing it’s existence to the knowledge of others people actually provide a service
since now the weaknesses have to be fixed.
Looking at the current case, the evolution is very clear:
- Theoretical researches about RAM residue were published and lingered for years
- A practical implementation of the theory was documented and published
- Software/hardware companies responded and reassured
- A tool to exploit the weakness has been released
- Hopefully-a solution is being created to solve the weakness
The theoretical research about RAM residues has been around for years without causing much of a fuss. In
contrast when the practical implementation was documented and published the levels of noise were relatively
large- software/Hardware vendors had to provide explanations…now that freely available tools to exploit the
weakness exits hopefully software/hardware manufacturers will have to react.