Feature #5687

erase memory when the USB stick is removed

Added by Tails 2013-07-18 07:44:33 . Updated 2013-07-19 01:47:04 .

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Target version:

Start date:

Due date:

% Done:

Feature Branch:

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

Rationale

If running from the USB drive and it is removed, it would be nice to wipe memory and reboot when the USB drive is removed: if you’re in a persecuted country and they are on to you, you can grab the USB and leave.

Current state

Implemented in 0.7.

design documentation: done in memory erasure
end-user documentation: done in cold boot attacks

Inspiration

A simple udev rule should do the job. It should be triggered by ACTION=="remove", and be really careful to detect whether the system is running from the just-removed USB stick.

The implementation difficulty arises from the fact that smem must be permanently kept in RAM after boot, along with what’s needed to make the command run by the udev rule work. Possible solution: run smem on boot, immediately SIGSTOP it, and SIGCONT it when the USB stick is unplugged.

Liberte Linux has some kind of watchdog that does something alike these lines (i.e. at least shutdown the box):

they pre-cache needed programs in a directory in /dev/shm
they have a udev watchdog written in C, which is supposed to be more reliable than udev rules.

Subtasks

History

#1 Updated by intrigeri 2013-07-19 01:47:04

Type of work set to Code

Type of work: Code