readme

2024-12-26 06:29:25 -05:00 · 2022-07-05 10:57:28 -04:00 · 2022-07-05 10:57:28 -04:00 · b8ba608535
commit b8ba608535
parent 949edf3e17
1 changed files with 8 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -393,12 +393,20 @@ executing `systemctl enable hide-hardware-info.service` as root.

 Wiping RAM at shutdown to defeat cold boot attacks.

+Implemented as `dracut` module `cold-boot-attack-defense`.
+
 Requires `dracut`. In other words, RAM wipe is incompatible with systems
 using `initramfs-tools`. To switch to, install dracut:

    sudo apt update
    sudo apt install --no-install-recommends dracut

+`dracut` is intentionally not declared as a dependency of `security-misc` to
+avoid making all of `security-misc` dependent on `dracut` only for the sake of
+the wipe RAM at shutdown feature. Linux distribution such as Kicksecure are
+advised to (and Kicksecure is planning to) install `dracut` instead of
+`initramfs-tools` by default.
+
 User documentation:
 https://www.kicksecure.com/wiki/Cold_Boot_Attack_Defense