That's a blast from the past. Yes, Dan Holcomb used the term "FERNS" in his project to harvest true randomness and "ID" fingerprinting bits from uninitialized SRAM at power-up. In retrospect, it might have made more sense to use the term "PUF." Bygones. He's now out at Berkeley. The IEEE Transactions on Computers journal version of the FERNS paper goes into more detail on things like negative bias temperature instability (NBTI). And Dan's latest work on using SRAM for significantly more "ID" fingerprint bits appears at RFIDsec 2012.

https://spqr.cs.umass.edu/publications.php?q=holcomb

The idea of using SRAM from graphics cards would be a nice twist. But SRAM isn't the only building block on the chip (note the reverse poetry)---could be other cleverness too! I look forward to reading about the work.

Oh. And one more thing. Bad Wolf.

bullshit. he got the same rate everyone else was getting, the same rate i got. the only corruption in this case is with the dirty journalists and their stooges. yes, you.

We were surprised to suddenly get attention to this paper, but apparently Slashdot readers are watching the security seminar at UMass Amhest.

Anyhow, we will be answering questions in this thread. So if you have any questions, post them here and Dan Holcomb will get back to you as soon as he can.

Cheers,
-Kevin Fu

That's why OpenBSD allows you to encrypt your swap.
Provos wrote this in 2001: Encrypting Virtual Memory

The new scientist sort of misrepresented the findings of the paper. The fact that passwords and other sensitive information gets retained on swap for a long time. The paper was looking at memory tainting, i.e. if an application handles a password where does it end up in memory. The results were slightly surprising. Nontheless, most people would be even more surprised to see how much sensitive information ends up in swap. That's why you want to encrypt your swap partition.