AerialTest@lemmy.worldOPtoPrivacy@lemmy.ml•What is the point in using tails memory amnesic feature when ISP can simply look at logs and correlate the times you used tor?
44·
11 months agoThat’s not what I’m saying. The point I’m making is tails feature where it wipes memory when turned off is pointless because ISP can look at the times of tor usage and see what times you were likely using tails, which us why I ask if there is any point in using it?
I think this comment is very arrogant and unhelpful. “I think you should get on the Tails site and educate yourself further to better understand use cases for tails” - instead of telling me what the use cases for tails actually are… Maybe you yourself don’t even know and hence referring me to their website…
Anyhow, I did as you said and researched on tails website what the point of their memory erasure is and was actually hard pressed to find specific detail on what the memory erasure feature is actually intended to do and on their own website https://tails.net/contribute/design/memory_erasure/
"In order to protect against memory recovery such as cold boot attack, most of the system RAM is overwritten when Tails is being shutdown or when the boot medium is physically removed. "
So, the memory erasure is purely to prevent any kind of memory recovery… Granted this doesn’t really go into any specifics. But the point I was making in this post was Law enforcement are able to pull logs from ISP and see your for usage and so hence they can correlate that and have a decent idea of the times that you were likely using tails.
However, I do believe another user in this thread has cleared up why they do this memory erasure and its to more specifically stop attackers from extracting things like websites visited.
I looked online to figure out what data can be obtained using a cold boot attack and wasnt’t really able to find anything specific enough and so I asked chatgpt and it came back with the below:
"Login Credentials: Usernames, passwords, or other authentication tokens that were in use before the reboot.
Open Files and Documents: Content of files and documents that were open and active in RAM.
Cryptographic Certificates: Digital certificates and keys used for secure communication.
Browser Session Data: Active browser sessions may contain login information, session tokens, or browsing history.
Decryption Keys: Keys used for decrypting encrypted data stored on the computer.
System and Application Data: Configuration settings, temporary data, and other information related to the operating system and running applications."