From 8f03ce049a1f48bb088cf92f4f39cceb2e3a5ae6 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@whonix.org>
Date: Tue, 5 Jul 2022 10:41:55 -0400
Subject: [PATCH] readme

---
 README.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/README.md b/README.md
index b991963..0881958 100644
--- a/README.md
+++ b/README.md
@@ -389,6 +389,21 @@ information that shouldn't be accessible to unprivileged users. As this will
 break many things, it is disabled by default and can optionally be enabled by
 executing `systemctl enable hide-hardware-info.service` as root.
 
+## Cold Boot Attack Defense
+
+Wiping RAM at shutdown to defeat cold boot attacks.
+
+User documentation:
+https://www.kicksecure.com/wiki/Cold_Boot_Attack_Defense
+
+Design documentation:
+https://www.kicksecure.com/wiki/Dev/RAM_Wipe
+
+Source code:
+
+* `/usr/lib/dracut/modules.d/40cold-boot-attack-defense`
+* `/etc/default/grub.d/40_cold_boot_attack_defense.cfg`
+
 ## miscellaneous
 
 * hardened malloc compatibility for haveged workaround