Talk:End-user Computer Security/Main content/Simple security measures

Is sleep mode more secure than shutdown or hibernate mode?
Trammell Hudson briefly deals with whether computers should be completely shut down or merely suspended, in relation to security (see https://trmm.net/Heads_FAQ#suspend_vs_shutdown.3F). This comparison can be extended to whether computers should be powered on or powered off, in relation to security. It may well be better for a computer to stay powered on, since in that state certain classes of attack (those that need the machine opened up, or its storage read, while it is off) are harder to carry out. A powered-on computer can also keep event logging running, which adds further security.

A 'sleeping' computer can perhaps be made more secure if it is designed to 'incinerate' security keys (cf. §"Destroy_key_when_attacked") in the event of a hard shutdown (the opposite of a graceful shutdown; an intruder wanting to tamper with the computer while it is powered off might well cause one) and in the event that the computer detects system tampering (which it can do, at least to some extent, while it is turned on). One possible implementation is to move (not merely copy) the keys from non-volatile memory (such as a TPM, BIOS/UEFI firmware, or the system disk) into volatile memory while the computer is running, and to move them back to non-volatile storage only on a graceful shutdown. With such a set-up, a hard shutdown loses the keys. Two caveats: keys held inside a TPM are generally designed not to be exportable, so for a TPM the scheme would have to be arranged differently; and data can sometimes be recovered from powered-off volatile memory (DRAM remanence, which is what cold boot attacks exploit), so a kind of volatile memory that is properly wiped on power loss, or an explicit wipe of the key region, ought to be chosen.
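The move-not-copy custody described above, as an added simulation (not code from the page or from Heads): a file stands in for the non-volatile slot and a bytearray for RAM. The scenario names, the 32-byte sample key and the file-overwrite step are all constructed for the example; a real design would hold the key in locked, explicitly zeroed memory and would not rely on overwriting a file on flash media.

```python
import os
import tempfile


class KeyCustody:
    """Simulated key custody for the scheme described above.

    The key lives in exactly one place at a time: a 'non-volatile slot' (a file
    standing in for a TPM/firmware/disk location) or 'volatile memory' (a
    bytearray standing in for RAM).  Moving rather than copying is the point:
    after boot the persistent slot is empty, so a hard power-off leaves nothing
    behind on persistent media.
    """

    def __init__(self, nv_path):
        self.nv_path = nv_path
        self.ram = None  # volatile copy; None whenever the key is not in RAM

    def boot(self):
        """Move the key from the non-volatile slot into RAM."""
        with open(self.nv_path, "rb") as f:
            self.ram = bytearray(f.read())  # bytearray so it can be zeroed in place
        # Overwrite before unlinking.  Caveat: on flash/SSD media wear levelling
        # may keep the old blocks around; a real design would use a TPM NV index
        # or a self-encrypting drive's erase, not a plain file overwrite.
        with open(self.nv_path, "r+b") as f:
            f.write(b"\x00" * len(self.ram))
            f.flush()
            os.fsync(f.fileno())
        os.remove(self.nv_path)

    def graceful_shutdown(self):
        """Move the key back to the non-volatile slot, then zero the RAM copy."""
        with open(self.nv_path, "wb") as f:
            f.write(self.ram)
        for i in range(len(self.ram)):  # Python cannot guarantee no other copy
            self.ram[i] = 0             # exists; a real system uses mlock'd memory
        self.ram = None

    def hard_shutdown(self):
        """Power loss or intruder-triggered reset: RAM contents are simply gone.
        Nothing is written back, so the key now exists in neither place."""
        self.ram = None

    def key_in_nv(self):
        return os.path.exists(self.nv_path)

    def key_in_ram(self):
        return self.ram is not None


def run_scenario(graceful):
    """Boot from a freshly provisioned slot, then shut down one way or the other.

    Returns where the key was while running, where it ended up, and whether the
    original key bytes could be recovered from the non-volatile slot afterwards.
    """
    fd, path = tempfile.mkstemp()
    original = os.urandom(32)  # constructed sample key
    with os.fdopen(fd, "wb") as f:
        f.write(original)

    custody = KeyCustody(path)
    custody.boot()
    running = (custody.key_in_nv(), custody.key_in_ram())

    if graceful:
        custody.graceful_shutdown()
    else:
        custody.hard_shutdown()
    after = (custody.key_in_nv(), custody.key_in_ram())

    recovered = None
    if custody.key_in_nv():
        with open(path, "rb") as f:
            recovered = f.read()
        os.remove(path)
    return {"running": running, "after": after, "key_recovered": recovered == original}


if __name__ == "__main__":
    print("graceful:", run_scenario(True))   # key back in the NV slot
    print("hard:", run_scenario(False))      # key lost: in neither place
```

The tuples report (in non-volatile slot, in RAM): while running the key is only in RAM; after a graceful shutdown it is only in the slot and is recoverable; after a hard shutdown it is in neither, which is the intended 'incineration'.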

Sleep mode can potentially be leveraged for higher security when the OS runs only from volatile system RAM. A computer need not touch a system disk or a live CD/DVD for weeks, maybe months, at a time: the OS is loaded straight into RAM and the computer is put to sleep whenever it is not needed. This would likely improve security so long as the OS were properly locked (by passwords or otherwise) so that illegitimate users cannot perform normal user actions, because it is probably harder to tamper with data held in RAM on a constantly-on, locked computer than with data on non-volatile media such as system disks and live DVDs.

The security would also be higher because such a method of computing provides extra tamper detection and tamper evidence. Fiddling with the OS as loaded into RAM on a running computer would probably corrupt the computer's state, and that corruption is itself evidence and detection of tampering; the computer would be 'frazzled' and require the whole OS to be reloaded into RAM. To make such 'frazzling' more reliable as tamper evidence, the OS could be held in RAM only in encrypted form. To better prevent theft of user data, unused portions of RAM could be zeroed (securely wiped) before the computer is put to sleep, so that 'forensic' methods cannot recover data that was deleted only shallowly (RAM can retain data briefly after power loss, which is what cold boot attacks exploit).

Such a system could perhaps be used with a Raspberry Pi set-up: if tampering were detected, a brand-new Pi set-up could be bought cheaply, and the old one sold on as spare parts or as components of doubtful security. A Raspberry Pi set-up would also be good because "sleep" mode would draw little power, so batteries rather than the mains could supply it during sleep, defeating attacks that disrupt the mains electricity supply. This kind of set-up was proposed in the forum topic entitled "Secure computing using Raspberry Pi for business purposes" on the Raspberry Pi forums. Such a set-up could also be used to store cryptographic keys, and files that especially must not be corrupted, in ways that leave them less prone to malicious corruption than storage on non-volatile media. These principles may already be in effect on certain constantly-on servers, and it could be useful to look at the security principles in play for "permanently on" servers for further guidance.
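An added illustration of the RAM-resident encrypted image and the pre-sleep wipe discussed above (example code, not from the page or the Raspberry Pi forum thread). One practitioner point it makes explicit: encryption alone does not give tamper evidence, since a flipped ciphertext bit just decrypts to a different byte without any error; an integrity tag is what turns tampering into a detectable 'frazzle'. The SHA-256 counter-mode stream, the HMAC tag, the 4096-byte RAM stand-in and the sample image are all constructed for the example; a real system would use an AEAD cipher and keep the key outside the memory it protects.

```python
import hashlib
import hmac
import os


class RamResidentImage:
    """An OS image held in a RAM stand-in only as authenticated ciphertext.

    The integrity tag is what makes tampering detectable; the key is assumed to
    live outside this memory (e.g. in a TPM or a CPU register).
    """

    NONCE_LEN = 16

    def __init__(self, key, ram_size):
        self.key = key
        self.mem = bytearray(ram_size)  # stand-in for system RAM
        self.used = 0                   # bytes of mem occupied by the image
        self.tag = None

    @staticmethod
    def _keystream(key, nonce, n):
        # SHA-256 in counter mode as a stdlib-only stream cipher stand-in; a real
        # system would use an AEAD such as AES-GCM or ChaCha20-Poly1305.
        out = bytearray()
        counter = 0
        while len(out) < n:
            out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
            counter += 1
        return bytes(out[:n])

    def load(self, image):
        """Encrypt `image`, place nonce||ciphertext in RAM and record its tag."""
        nonce = os.urandom(self.NONCE_LEN)
        ks = self._keystream(self.key, nonce, len(image))
        blob = nonce + bytes(a ^ b for a, b in zip(image, ks))
        self.mem[: len(blob)] = blob
        self.used = len(blob)
        self.tag = hmac.new(self.key, blob, hashlib.sha256).digest()

    def intact(self):
        """True unless the RAM-resident blob no longer matches its tag."""
        current = hmac.new(self.key, bytes(self.mem[: self.used]), hashlib.sha256).digest()
        return hmac.compare_digest(current, self.tag)

    def decrypt_unchecked(self):
        """Decrypt without the tag check: shows why encryption alone is not tamper evidence."""
        nonce = bytes(self.mem[: self.NONCE_LEN])
        ct = bytes(self.mem[self.NONCE_LEN : self.used])
        ks = self._keystream(self.key, nonce, len(ct))
        return bytes(a ^ b for a, b in zip(ct, ks))

    def read(self):
        """Decrypt only if intact; otherwise the image is 'frazzled' and must be reloaded."""
        if not self.intact():
            raise RuntimeError("tamper detected: reload the image from a trusted source")
        return self.decrypt_unchecked()

    def prepare_for_sleep(self):
        """Zero everything past the image so freed-but-not-wiped data cannot be
        scraped from RAM (shallow deletion leaves it in place until overwritten)."""
        for i in range(self.used, len(self.mem)):
            self.mem[i] = 0


def demo():
    """Load a constructed image, leave junk in unused RAM, tamper, and report."""
    key = os.urandom(32)
    image = b"constructed OS image, not a real kernel\n" * 16
    ram = RamResidentImage(key, 4096)
    ram.load(image)
    ok_clean = ram.intact() and ram.read() == image

    # Simulate leftover secrets in 'freed' memory, then the pre-sleep wipe.
    ram.mem[ram.used : ram.used + 64] = b"old password: hunter2" + b"\x00" * 43
    ram.prepare_for_sleep()
    unused_zeroed = all(b == 0 for b in ram.mem[ram.used :])

    # Simulate an intruder flipping one bit inside the encrypted image.
    ram.mem[ram.used // 2] ^= 0x01
    try:
        ram.read()
        detected = False
    except RuntimeError:
        detected = True
    silently_wrong = ram.decrypt_unchecked() != image  # no error, just a corrupted byte
    return {
        "clean_read_ok": ok_clean,
        "unused_zeroed": unused_zeroed,
        "tamper_detected": detected,
        "encrypt_only_silent": silently_wrong,
    }


if __name__ == "__main__":
    print(demo())
```

`demo()` returns all four flags true: the untampered image reads back, the unused region is zeroed before sleep, the one-bit modification is caught by the tag, and the unchecked decryption of the same modified blob silently returns a wrong image.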