Mullvad's public encrypted DNS Servers run in RAM now - eviltoast
  • BackpackCat@lemmy.world
    21 upvotes · 1 year ago

    I use Mullvad and I’m too dumb to understand what this means. Can one of Lemmy’s many IT experts ELI5?

    • pelya@lemmy.world
      65 upvotes · 1 year ago

      This makes it harder for the Russian military to steal one of Mullvad’s servers to track your porn usage over VPN - once they unplug it, all links to porn will be gone.

      • nevemsenki@lemmy.world
        17 upvotes, 1 downvote · 1 year ago

        If they get hacked, your data is still there until a reboot, though. This is more useful against state authorities taking servers than hackers.

        • bamboo@lemm.ee
          22 upvotes, 1 downvote · 1 year ago

          That’s not how RAM works, at least not generally. Unless frozen to an extremely cold temperature, RAM loses its value very quickly and needs constant power to retain data. If a server were to lose power at normal operating temperatures, there would be nothing significant left to recover within a few seconds.

          • Traister101@lemmy.today
            28 upvotes · edited · 1 year ago

            I think they mean somebody gains access to the server/s thereby they could look at the RAM while it’s still actively running.

            • nevemsenki@lemmy.world
              2 upvotes, 1 downvote · 1 year ago

              Yeah, as long as the OS is running, it doesn’t matter if it’s from a ramdisk or SSD/HDD.

          • barsoap@lemm.ee
            5 upvotes · 1 year ago

            It’s nothing that can’t be overcome with forensic equipment, though. With the right set of tools you can even take the sticks out of the server while it’s still running and retain the data, that’s why RAM encryption is a thing. For the really paranoid, homomorphic encryption.

      • ElectroNeutrino@lemmy.world
        10 upvotes, 2 downvotes · 1 year ago

        Harder, yes, but still good to note not impossible. There are some cryogenic techniques that allow them to preserve what’s on the RAM long enough to read it.

        • symbioticremnant@lemmy.world
          4 upvotes · 1 year ago

          It’s a bit of a long shot, and I’m not sure if it’s just theory or proven in reality. The idea is that you literally freeze the memory at a cold enough temperature to freeze the state of the memory, and then swap the memory into a machine with power in order to read or dump the data.

          • ElectroNeutrino@lemmy.world
            3 upvotes · edited · 1 year ago

            It’s a variation of a cold boot attack. Instead of forcing an OS crash and rebooting into an OS connected to a portable drive, you cool the memory to extend the time you have before the data degrades and can then do whatever you want with it. I believe you can extend it up to a week.

            https://citp.princeton.edu/our-work/memory/

    • chwilson@lemmy.world
      20 upvotes · 1 year ago

      From what I understand it means there’s no persistence on disk of any traffic/data, it’s entirely in memory, so less risk of data being stolen or leaked.
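
The "no persistence on disk" property discussed in this thread can be checked on a Linux host by listing every mounted filesystem and swap area that is not RAM-backed. The script below is an added example, not part of the thread and not Mullvad's code; the filesystem allow-lists and the sample `/proc/mounts` and `/proc/swaps` contents are assumptions constructed for illustration. It covers persistence only, not what is readable from memory on a running machine.

```python
# Added example (not Mullvad's code). Sample inputs below are constructed.
RAM_FS = {"tmpfs", "ramfs", "rootfs", "devtmpfs"}
# Kernel pseudo-filesystems that expose kernel state, not stored files.
PSEUDO_FS = {"proc", "sysfs", "devpts", "cgroup2", "securityfs", "mqueue"}

def parse_mounts(text):
    """Yield (device, mountpoint, fstype, options) from /proc/mounts text."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            yield fields[0], fields[1], fields[2], fields[3].split(",")

def parse_swaps(text):
    """Return swap device names from /proc/swaps text (line 1 is a header)."""
    return [ln.split()[0] for ln in text.splitlines()[1:] if ln.strip()]

def audit(mounts_text, swaps_text):
    """List every mount or swap area that is not known to live in RAM."""
    findings = []
    for dev, mnt, fstype, opts in parse_mounts(mounts_text):
        if fstype in RAM_FS or fstype in PSEUDO_FS:
            continue  # anything unrecognised is reported, not assumed safe
        mode = "read-only" if "ro" in opts else "writable"
        findings.append(f"{mode} {fstype} on {mnt} ({dev})")
    for dev in parse_swaps(swaps_text):
        if not dev.startswith("/dev/zram"):  # zram swap stays in RAM
            findings.append(f"swap on {dev}")
    return findings

SWAP_HEADER = "Filename Type Size Used Priority\n"
DISKLESS_MOUNTS = (
    "tmpfs / tmpfs rw,relatime 0 0\n"
    "proc /proc proc rw,nosuid,nodev,noexec 0 0\n"
    "sysfs /sys sysfs rw,nosuid,nodev,noexec 0 0\n"
    "devtmpfs /dev devtmpfs rw,nosuid 0 0\n"
)
DISK_MOUNTS = (
    "/dev/sda1 / ext4 rw,relatime 0 0\n"
    "proc /proc proc rw,nosuid,nodev,noexec 0 0\n"
    "/dev/sda3 /boot ext4 ro,relatime 0 0\n"
)
DISK_SWAPS = (SWAP_HEADER + "/dev/sda2 partition 2097148 0 -2\n"
              "/dev/zram0 partition 1048572 0 100\n")

if __name__ == "__main__":
    print("diskless host:", audit(DISKLESS_MOUNTS, SWAP_HEADER) or "clean")
    for finding in audit(DISK_MOUNTS, DISK_SWAPS):
        print("disk-backed host:", finding)
```

On a real host, pass the contents of `/proc/mounts` and `/proc/swaps` to `audit()` instead of the constructed samples.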