2

I would like to set up a Rasberry Pi and connect a large USB Harddrive and some webcams to run motion for homesurveillance.

If I am understanding everything correctly if I get Ubuntu mate to run with the TRESOR kernel patch the system would be immune to DMA and cold boot attacks.

Junior J. Garland
  • 677
  • 5
  • 15
  • You may want a server to stream to, in case someone physically steals the Rasberry Pi – paj28 Aug 04 '15 at 12:45
  • 1
    What are you trying to protect against? Physical attacks or virtual attacks? – Neil Smithline Aug 04 '15 at 15:34
  • Both but with this project mainly against someone tryin to mess with my equipment in my appartment. I don't trust locks. – Junior J. Garland Aug 04 '15 at 21:04
  • 1) Raspberry Pi has an ARM processor. TRESOR only works on x86 processors. 2) TRESOR has nothing to do with DMA attacks and does not protect against them. If you want something which uses TRESOR and which also protects against DMA, have a look at a similar project called TreVisor. However it will not work on a Raspberry Pi either. – forest Apr 08 '16 at 00:02

1 Answers1

4

The TRESOR kernel patch is for x86 processors, as it uses the x86 debug registers to store private key information (at the cost of disabling hardware debugging). The Raspberry Pi is based on ARM architecture, which is completely different.

I'm not sure you actually gain anything from running TRESOR on a Raspberry Pi in any case - even if it was supported - because the memory on a Pi is soldered to the board. It's not user-replaceable.

Frankly, if you don't trust locks, there isn't much point in installing anything of interest on the site itself: You'd be better off setting up a router, and having the (internet-enabled - maybe streamed via your Pi?) cameras stream content to a server hosted on the internet somewhere. Maybe an Amazon instance, maybe something else in the cloud: How you want to do that is up to you. At the end of the day, TRESOR or not, if someone got in and simply stole your Pi and hard disk, you'd never know who did it, because they'd be holding the only digital evidence. But if that same someone came in and unplugged your router - and got caught on camera in the process, you'd at least have some recorded evidence that you could use.

(Assuming they didn't trip the power breaker for your apartment, first...)

You need to decide what you want, here: TRESOR solves all the wrong problems. If you still want to pursue defence against cold-boot attacks, despite what has been said here, you could take a look at ARMORED, which you could simply view as a version of TRESOR for ARM architectures.

Oliver Jones
  • 167
  • 3
  • It's not entirely true to say that it solves the wrong problems. A cold boot attack does not need to rely on physically removing the memory, as you can effectively reboot the computer into a custom bootloader with a small memory footprint to copy RAM. – forest Apr 07 '16 at 23:59
  • @forest: It doesn't solve the rather obvious problem that an attacker could simply pick up both the Pi and/or hard disk and simply take it with them. That is what I meant by solving the wrong problems. Granted, if an attacker wanted to *modify* evidence, yes, you might have a point. But I think this is rather far-fetched: If I wanted to muck around in the apartment without anyone being able to tell what had happened, I would simply remove the video evidence. That is why I suggested streaming video to another site: Confidentiality and integrity are of little use if availability is missing. – Oliver Jones Apr 08 '16 at 15:47
  • 1
    The purpose of TRESOR is to preserve confidentiality against cold boot attacks, that's all. I don't see how using TRESOR is solving the wrong problems, when the problem is cold boot attacks violating the requirement of confidentiality. And availability is not always as important for every threat model. For example, you might have content that could get you arrested. If you use TRESOR, that could save you from 20 years in prison. Sure, it would be taken from you, but it would be *available* shortly after you restore from backups to a new machine. – forest Apr 09 '16 at 03:18