
Thread: Forensics: Can volatile RAM still contain evidence?

  1. #1
    GreenXenon Guest

    Forensics: Can volatile RAM still contain evidence?

    Hi:

    Can information stored in volatile RAM still be recovered after the
    computer is turned off? I remember reading something on a forensics
    website that the evidence is not only on the platters of the HDD but
    also on the disk cache chips and the volatile RAM chips in the PC.

    Even if the PC is turned-off, the chips still contain sufficient
    amount of info that can be recovered by top-secret devils of the NSA
    and Central Security Service. Apparently they have some devices that
    can read EXTREMELY-WEAK electric signals from volatile RAM chips and
    recover what was lost when the power was turned-off. Is this true? If
    so, how to prevent this while still expressing my socially-unacceptable
    opinions on the internet?

    Are there any RAM chips that are PURELY-VOLATILE and that will lose
    all info when power is lost? If so, I'm thinking of buying a PC which
    uses these chips. As soon as I turn off the comp, no info remains at
    all.

    This is another reason I was discussing about RAM chips in another
    thread a few minutes ago.

    Please note that I do not plan to write anything illegal on the net --
    no threats, no confession, etc. However, I would like to express my
    opinions in chat rooms w/out facing negative consequences.

    My opinions differ from that of the general public and I want to
    forcefully-express my vulgar, obscene, and socially-unacceptable
    opinions in chat rooms [such as Yahoo-chat, ICQ, IRC, chat-zone, and
    spin-chat] without being falsely-accused of crime.

    While what I would like to write in chat-rooms is not illegal, public
    pressure would force authorities to do something. Public pressure
    might also force the enactment of new unjust laws possibly rendering
    my speeches illegal in the future.

    Sometimes authorities are forced to arrest and imprison innocent
    law-abiding citizens because of public outrage. At heart, the authorities
    don't want to jail innocent people but they have no choice. Society,
    being the evil scum it is, will overpower the police and force them to
    illegally imprison me. Crowds of sadistic human beings will overturn
    police cars and start harming the police, if the police don't
    illegally-arrest me. Sort of like a lynch-mob mentality against the
    police and me.

    I need protection from this unlawful, public-forced treatment.

    Sometimes society and the law are on opposite ends. This is one of
    them.

    That is why I would like to get a PC that doesn't any RAM that isn't
    "purely-volatile" by my above definition.

    Because I am a complete law-abiding citizen, I have nothing to hide
    from the police. However, I have everything to hide from the public
    and society.

    In lynch-mob situations, police are powerless to do what they know is
    right. The cops are helpless and must be a slave to the evil society.

    I respect the law, but I hate society.

    For the HDD platters, even after you thoroughly delete, overwrite and
    format a gazillion times, you're still on thin ice. The NSA and
    Central Security Service have equipment they can use to recover data
    from the magnetic platters on the HDD. The equipment they use is
    *extremely* sensitive to *extremely* weak magnetic signals on the
    magnetic platters. The only way to truly get rid of the data is to
    heat the platters beyond Curie point. The cache chips in the HD might
    also need to be burnt.

    I am worried similar sensitive devices could be used to the extremely-
    weak electric signals present in the volatile RAM chips and disc cache
    chips. Except these devices would read electric -- not magnetic --
    signals.

    Due to the laws of physics, I suspect that the volatile RAM info might
    -- to some extent -- exist even after the system is turned off. Sure
    the wattage of those electric signals may be *extremely*-low after shut
    down, but that does not mean the signals are not there anymore -- they
    are just way too weak to be detected and analyzed by ordinary means.
    At the quantum level, the differences in wattage levels which
    constitute what was the original volatile RAM info will continue to be
    there in the chip.

    I'm hoping this is just my paranoia and not true.

    Also, the disc cache chips are another grave concern to me, they also
    store RAM -- just not nearly as much as the platters of the HDD.

    I wonder if there are any PCs for sale anywhere that are free of any
    NVRAM devices and still work. The disadvantage of this is that nothing
    can be saved. The advantage is, malware can't be planted in it. Such a
    PC could connect to the internet and store text on websites -- for
    example, I could 'save' something by emailing it to myself and then
    accessing it later.


    Thanks,

    Radium

  2. #2
    GreenXenon Guest

    Re: Forensics: Can volatile RAM still contain evidence?

    I wrote:

    "I am worried similar sensitive devices could be used to the
    extremely-weak electric signals present in the volatile RAM chips and
    disc cache chips."

    Sorry that should read:

    "I am worried similar sensitive devices could be used to *read* the
    extremely-weak electric signals present in the volatile RAM chips and
    disc cache chips."

    I hate typos.

  3. #3
    GreenXenon Guest

    Re: Forensics: Can volatile RAM still contain evidence?

    On Dec 21, 5:28 pm, GreenXenon <glucege...@gmail.com> wrote:

    > That is why I would like to get a PC that doesn't any RAM that *isn't*
    > "purely-volatile" by my above definition.


    OOPS, another typo.

    I meant to say:

    "That is why I would like to get a PC that doesn't any RAM that *is*
    "purely-volatile" by my above definition."


  4. #4
    Buffalo Guest

    Re: Forensics: Can volatile RAM still contain evidence?




    Immediately after shutting down the machine, remove RAM sticks and put them
    in a microwave oven for 2 min, if it is 1100 watts or higher (longer if the
    rating is lower).
    Then hang them on your Christmas Tree.
    PS: Hopefully your microwave oven doesn't become inoperative. (Putting a
    small glass of water in it helps prevent damage.)



  5. #5
    GreenXenon Guest

    Re: Forensics: Can volatile RAM still contain evidence?

    On Dec 21, 5:56 pm, "Buffalo" <E...@nada.com.invalid> defecated:

    > Immediately after shutting down the machine, remove RAM sticks and put them
    > in a microwave oven for 2 min, if it is 1100 watts or higher (longer if the
    > rating is lower).
    > Then hang them on your Christmas Tree.
    > PS: Hopefully your microwave oven doesn't become inoperative. (Putting a
    > small glass of water in it helps prevent damage.)


    hahahahaha, very funny.

    No offense but I would appreciate some real advice. Please.

  6. #6
    David H. Lipman Guest

    Re: Forensics: Can volatile RAM still contain evidence?

    From: "GreenXenon" <glucegen1x@gmail.com>

    | On Dec 21, 5:56 pm, "Buffalo" <E...@nada.com.invalid> defecated:

    >> Immediately after shutting down the machine, remove RAM sticks and put them
    >> in a microwave oven for 2 min, if it is 1100 watts or higher (longer if the
    >> rating is lower).
    >> Then hang them on your Christmas Tree.
    >> PS: Hopefully your microwave oven doesn't become inoperative. (Putting a
    >> small glass of water in it helps prevent damage.)


    | hahahahaha, very funny.

    | No offense but I would appreciate some real advice. Please.

    Real advice?

    This is not the subject matter of alt.privacy.spyware nor probably of
    alt.privacy.anon-server.

    It is subject matter of alt.computer.security to where you Multi-Cross-Posted this to.

    You should worry MORE about tempest monitoring than if there may be latent data in
    existent volatile RAM.

    The fact is your information is available through MANY sources that you may not be aware
    of.


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  7. #7
    nemo_outis Guest

    Re: Forensics: Can volatile RAM still contain evidence?

    GreenXenon <glucegen1x@gmail.com> wrote in
    news:554adaec-a98f-4f97-9ccf-8b5adebd401e@v39g2000pro.googlegroups.com:

    > Can information stored in volatile RAM still be recovered after the
    > computer is turned off?



    You are presumably reacting 10 months late to the paper:

    Lest We Remember: Cold Boot Attacks on Encryption Keys
    http://citp.princeton.edu/pub/coldboot.pdf

    I and many others consider this paper to be sensationalist and even
    somewhat dishonest, and are especially dismayed that it was thrust out in
    a shameless self-promoting way without peer review. The kindest thing
    that can be said for it is that, while it introduced nothing new, it
    reminded people of a long-known effect, RAM remanence.

    It has been known at least since the 1970s that RAM preserves state for
    some time after removal of power (RAM is, after all, essentially just
    capacitors) and the length of time before full discharge is extended
    by cooling.

    With that out of the way, it can be said that, for most modern RAM
    memory, waiting about a minute after power off is more than sufficient to
    ensure that RAM is not recoverable. (If you think you may be subject to a
    no-knock raid, harden your machine with automatic shutoff and obstacles
    to memory access that will take at least a minute.)

    For extreme paranoids the following "double shutdown" drill removes all
    doubt: Shut off the computer normally, reboot it from a CD and run a
    memory zeroisation program, and then shut down for the second final time.
    (If your BIOS supports a "long memory check on POST" option, then the
    shutdown-reboot-shutdown-again drill does not require a CD, zeroisation
    software, etc. Just shutdown-reboot with long memory test-shutdown).

    For learning about additional subtleties, google is your friend.

    Regards,
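
An application-level counterpart to the zeroisation step described in post #7, added here as an example that is not part of the original thread: C code that keeps a key buffer out of swap, wipes it before the memory is released, and checks the wipe. The function names, the 32-byte key length and the fill pattern are assumptions made for illustration; `mlock`/`munlock` are the POSIX calls.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define KEY_LEN 32  /* assumed key size for this example */

/* Overwrite n bytes through a volatile pointer, so each store is an
   observable access and is not removed as a dead write to a dying buffer. */
static void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

/* Count bytes that are still non-zero; 0 means the wipe is complete. */
static size_t residue(const void *p, size_t n)
{
    const volatile unsigned char *vp = (const volatile unsigned char *)p;
    size_t left = 0;
    for (size_t i = 0; i < n; i++)
        if (vp[i] != 0)
            left++;
    return left;
}

/* Hypothetical key lifecycle: lock, load, use, wipe, unlock.
   Returns the number of key bytes left in the buffer after the wipe. */
static size_t key_lifecycle(void)
{
    unsigned char key[KEY_LEN];
    /* Keep the page out of swap so the key never reaches the disk.
       mlock can fail (RLIMIT_MEMLOCK); the wipe below still runs. */
    int locked = (mlock(key, sizeof key) == 0);

    memset(key, 0xA5, sizeof key);   /* constructed key material */
    /* ... the key would be used for encryption here ... */

    secure_zero(key, sizeof key);    /* wipe before the stack frame is reused */
    size_t left = residue(key, sizeof key);
    if (locked)
        munlock(key, sizeof key);
    return left;
}

int main(void)
{
    printf("key bytes left after wipe: %zu\n", key_lifecycle());
    return 0;
}
```

This covers only the buffer it is given; copies of the key held in other buffers or in CPU registers need the same treatment.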




  8. #8
    Ari Guest

    Re: Forensics: Can volatile RAM still contain evidence?

    On Sun, 21 Dec 2008 22:16:22 -0500, David H. Lipman wrote:

    > From: "GreenXenon" <glucegen1x@gmail.com>
    >
    >| On Dec 21, 5:56 pm, "Buffalo" <E...@nada.com.invalid> defecated:
    >
    >>> Immediately after shutting down the machine, remove RAM sticks and put them
    >>> in a microwave oven for 2 min, if it is 1100 watts or higher (longer if the
    >>> rating is lower).
    >>> Then hang them on your Christmas Tree.
    >>> PS: Hopefully your microwave oven doesn't become inoperative. (Putting a
    >>> small glass of water in it helps prevent damage.)

    >
    >| hahahahaha, very funny.
    >
    >| No offense but I would appreciate some real advice. Please.
    >
    > Real advice?
    >
    > This is not the subject matter of alt.privacy.spyware nor probably of
    > alt.privacy.anon-server.
    >
    > It is subject matter of alt.computer.security to where you Multi-Cross-Posted this to.
    >
    > You should worry MORE about tempest monitoring than if there may be latent data in
    > existent volatile RAM.
    >
    > The fact is your information is available through MANY sources that you may not be aware
    > of.


    You'll have to excuse Lipman, he's running a temperature since he found
    out Army Intelligence supports his favorite freeware Botnet.

    To answer your question.

    Yes.
    --
    Meet Ari!
    http://tr.im/1fa3
