Limited platforms? Code exploits?

These are a perfectly good way to back up the first half of your original statement, "No. At least not reliably"

But "due to how the keys are stored in RAM" is not true. And that's the part that got objected to.

You're not being nitpicked on a technicality here. You mixed up the techs you were talking about in a way that makes a significant difference. Bringing in all these references might be useful to people, but you could have just said "oh, I meant disk encryption by that part" instead of getting sassy and doubling down on saying incorrect things with "Did you read any of my referenced links? You cannot state this when the paper and well known attack methods disprove your statement."



In my first comment I literally mentioned BitLocker, which, as I pointed out correctly, stores its keys either in RAM or on the TPM chip.

If you're going to rip apart my comment into parts without context, at least do it with all the parts.

Note that I didn't start the discussion about where the key is stored, someone replied to my initial comment - in the context of BitLocker - saying that the CPU stores the key, which is incorrect.

My initial point was not about how secure enclaves work in practice. Though I argued that most implemented follow-up technologies don't work reliably due to how the OS always interfaces with unpatchable firmware bugs.

While I agree this is the only way to fix the cold boot attack problem, I don't see the technology as reliable as of today, and I don't understand why you think I am wrong with that statement?

If you don't agree: show papers with counter measures, and how to prevent the exploits and bypasses.


> In my first comment I literally mentioned BitLocker,

You did mention bitlocker. But it was unrelated to RAM encryption, and you acted like it was related.

Everything you said about bitlocker was true, but the way you brought up bitlocker was itself the problem.

> someone replied to my initial comment - in the context of BitLocker

No they did not. Your answer did not make a new separate context for just bitlocker. You muddled bitlocker and RAM encryption. They replied in the original context, because you said that RAM encryption stores the key in RAM during standby.

Whether you intended to say that or not, it's what you said. Go back and read the original comments. You directly said that line about RAM encryption, not just disk encryption.

"> > As a naive outsider: Does RAM in 2023 encrypt all its contents?"

"> No. At least not reliably, due to how the keys are stored in RAM as well (e.g. when in standby mode, or when a laptop lid is just closed)."

> I don't see the technology as reliable as of today, and I don't understand why you think I am wrong with that statement?

I never said you were wrong about that.


I was reading my comments again, and I can understand how someone might interpret them differently.

Granted, I probably should have formulated it differently and specifically differentiated between secure enclave, memory encryption and full disk encryption problems to be clearer about it.
