My comments are not to say it isn't worth understanding this exploit; it's just a fascinating topic, and I'm not yet sure such an exploit has any real risk without physical access (but someone deploying a system for remote edge computing without a secure container might have a real risk). I myself would pretty much give up on security being "strong" in cases where the attacker has the ability to physically access and reinstall part of the boot environment via flash. I don't know of any PC or other installation which is safe after a third-party install disk was allowed to run. The other part of interest was where it mentioned being able to read memory after an improper shutdown:
"That is when sensitive data becomes available to attackers via a computer's RAM because the machine wasn't shut down properly."
There are a number of articles out on the internet about something similar in PCs, whereby a system which has been shut down usually leaves the RAM holding the data which was in it at the moment of shutdown; then, by physically accessing the PC and using the right hardware, one can look directly at the memory and read its content from before the shutdown. If you can imagine the amount of trouble it would take to read the DIMM content of a PC while it is shut down (but on standby), then it becomes obvious this would be a very advanced attack even with physical access. To prevent that, it would be necessary either to cut power entirely, without any kind of standby mode, so that RAM loses state, or to reboot to something like memtest86+ to randomly alter all of the RAM (if you were to add code to randomize RAM at shutdown, then an attacker would simply wait for an improper shutdown which skips randomizing RAM).