Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-26 07:35:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

readme

Browse Source
This commit is contained in:
Patrick Schleizer 2022-07-05 10:41:55 -04:00
parent b342ce930e
commit 8f03ce049a
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
README.md
View File

@ -389,6 +389,21 @@ information that shouldn't be accessible to unprivileged users. As this will
break many things, it is disabled by default and can optionally be enabled by
executing `systemctl enable hide-hardware-info.service` as root.
## Cold Boot Attack Defense
Wiping RAM at shutdown to defeat cold boot attacks.
User documentation:
https://www.kicksecure.com/wiki/Cold_Boot_Attack_Defense
Design documentation:
https://www.kicksecure.com/wiki/Dev/RAM_Wipe
Source code:
* `/usr/lib/dracut/modules.d/40cold-boot-attack-defense`
* `/etc/default/grub.d/40_cold_boot_attack_defense.cfg`
## miscellaneous
* hardened malloc compatibility for haveged workaround