Published in News

Disk encryption can be foiled

by on31 July 2008

Image

Cold boot attack


Disk encryption
could be pants at protecting data on laptops, according to insecurity experts.

The Usenix security conference security heard about a new hack which allows an attacker can cut power to a machine that is in sleep mode, restore the power, and boot a malicious operating system from a USB drive or an iPod that can copy the RAM contents. Princeton University researchers led by J. Alex Halderman said that the contents of the RAM are not lost when the power is turned off.

RAM data fades gradually over a period spanning from a few seconds to a few minutes after the power is cut  and this gives an attacker time to read the RAM data, including encryption keys, after rebooting into a different operating system or removing the memory chips and placing them into a different computer.

If you spray the ram chip with canned air you can get  a few more minutes out of it and if you have a spare bit of liquid nitrogen you could take days to retrieve the data if needed.

More here.
Last modified on 31 July 2008
Rate this item
(0 votes)