What volatile memory means
Volatile memory — RAM — loses its contents the moment power is cut. This is in contrast to non-volatile storage like flash, SSDs, hard drives, or cloud databases, which retain data without power. A network monitor that stores DNS traffic in volatile memory only has a specific property: when you pull the plug, the data stops existing. It doesn't get deleted. Deletion implies it was stored somewhere first and then removed. It was never stored anywhere permanent. It stops existing because the medium that held it requires electricity to maintain state.
This is the strongest privacy guarantee a hardware device can make. Not a promise in a privacy policy. Not a setting you have to enable. A physical property of the hardware.
How most devices handle data
Most network hardware — routers, firewalls, security appliances, monitoring tools — writes data to permanent storage. Logs go to flash. Configurations persist across reboots. Some devices sync to the cloud. The data survives power cycles, firmware updates, and factory resets (sometimes even the latter doesn't fully wipe everything). This is useful for debugging, historical analysis, and remote access. It's also useful for anyone who wants to subpoena, seize, or remotely extract that data later.
The standard approach to privacy in these devices is a policy: "we retain data for X days, then delete it." That policy is only as good as the entity enforcing it. If the company changes its policy, gets acquired, or receives a legal order, the data is there — sitting on flash, waiting to be read.
Why no data retention is different
A network monitor with volatile memory only doesn't have a data retention policy. It has a data retention impossibility. There is no flash to read. There is no cloud to subpoena. There is no historical database to query. The DNS traffic the device watched five minutes ago exists only if the device is currently powered on. The moment it isn't, the data is gone — not deleted, not overwritten, not encrypted. Gone.
This changes the threat model. If someone takes the device, there's nothing on it. If someone sends a legal order for stored data, there is no stored data to produce. If the firmware has a bug that leaks data, the leak stops the moment power is cut. The guarantee is physical, not legal.
What you give up
No permanent storage means no history. You can't look at what your network was doing yesterday. You can't generate a weekly report. You can't track trends over time. The device shows you what's happening right now, and when you stop watching, the record is gone.
For some use cases this is a real limitation. If you need compliance logs, long-term traffic analysis, or incident forensics, a volatile-memory device is the wrong tool. But for the use case it's built for — seeing what your network is doing right now, without creating a permanent record of it — it's the right trade-off.
How Known implements it
Known uses a 150-entry ring buffer in SRAM to store recent DNS queries. SRAM is volatile — it's the same type of memory that holds your CPU's registers. When the device is powered on, the buffer fills with queries as they happen, overwriting the oldest entries when it's full. When you open the dashboard in a browser, you see what's in the buffer. When you pull the USB cable, the buffer empties. Not because the firmware runs a cleanup routine. Because the electrons that held the data are gone.
The firmware writes zero bytes to flash during normal operation. There is no log file. There is no cache. There is no database. The only thing stored in permanent storage is the firmware itself and the cryptographic keys used for device attestation — neither of which is user data.
The verification problem
A privacy claim is only worth something if you can check it. "We don't store your data" is a sentence anyone can write. "The firmware writes zero bytes to flash during normal operation" is a claim you can verify by reading the source code. Known's firmware is open source — every line that handles DNS queries, every line that writes to memory, every line that could potentially store data is public. If the claim is wrong, someone will find it.
This is why open source firmware and volatile memory work together. The hardware guarantees that powered-off means data-free. The open source firmware lets you confirm that powered-on doesn't secretly write to flash somewhere. One guarantees absence after the fact. The other guarantees absence during operation. Together they cover the full threat model.
When this matters
For most home users, the value is peace of mind. Your DNS browsing history — every domain every device in your house queried — doesn't persist. It's not sitting on a device waiting to be read. It's not synced to a cloud account. It exists for as long as you care to look at it, and then it doesn't.
For users in higher-risk situations — journalists, activists, anyone who worries about physical seizure of hardware — the value is more concrete. A device that holds no data can't produce data under compulsion. The guarantee isn't a policy decision. It's physics.
Volatile memory isn't a feature you configure. It's a design choice that eliminates an entire category of risk. No data retention means no data to leak, no data to steal, no data to subpoena. The simplest privacy guarantee is the one that's physically impossible to violate.