Thought experiment. 2 guys in a room on 2 computers. One uses Tails, other full disk encryption, say, Mac FileVault,with a long-ass passphrase. They're doing equially shady things. The door says "BOOM!!! FBI!!!" The guys barely have the time to power off their computers before they find themsleves face down on the floor. Only the evidence collected from the 3 devices is determined admissible in court. Which guy is more likely to be convicted and why?
/u/kroot · N/A votes · 6th May, 2024 - 22:50 · Link
idk lol.... i'm interested to see what people have to say.
/u/___Nelson___ · N/A votes · 6th May, 2024 - 23:20 · Link
The guy with full disk encryption, You see there is a vulnerability on the ram called a "Cold boot attack". This is when you can dump the ram and even getting the encryption keys. But this is not an issue for tails as if tails is shut down the ram is overwritten with random data.
/u/zlxjy75iuxkulewbh · N/A votes · 6th May, 2024 - 23:58 · Link
Excellent idea. The feds can analyze the memory of the computer which isn't whiped out when screen is locked. But is the memory whiped out in the other computer when Tails USB is pulled out? PS I'm going to modify the original question because othis comment. See if you have an answer to the revised question.
/u/itYM8LXLb9YPQR5zgRhq29f1h · N/A votes · 7th May, 2024 - 22:29 · Link
The guy with full disk encryption lol. Because though its encrypted the data is still on the device, and there is a possibility that a cold boot attack can happen on him, Tails on the other hand has no data because of amnesia. But also you can use programs on any Linux distribution that will also overwrite the RAM on shutdown to prevent this so if the full disk encryption guy properly configured their device they are both safe.