The researchers at Erlangen University in Germany would like to offer some advice: don't put that Android 4.0+ phone in the freezer. It's been discovered that even on a phone with PIN security and encryption, data can be retrieved from the device via a cold boot attack - that is, the process of turning on the desktop, notebook, smartphone or et cetera and then sucking down the data stored in RAM before it's wiped clean during the boot process.
Normally, a "cold boot" attack doesn't actually refer to cold temperatures, but in this case it does. With the help of its "FROST" tool-set, the researchers found that when the Android phone is tossed into a -15°C freezer for up to an hour, it adds a couple of seconds of time to the boot sequence and in effect allows an attacker to gain access to more data than they normally would. While a normal user is never going to subject their phones to conditions like that on purpose, if an attacker is in possession of your phone, they can probably afford to wait while it chills.
This kind of attack isn't going to be common, but the fact that it can be done at all highlights some security issues on the platform. When a phone is shut down, one of its final steps before turning off should be to purge left-over data in the RAM. Sometimes, this isn't necessary if encryption is involved, but in this particular case, the actual encryption keys could be accessed as well. That means the attacker could then gain access to the phone as normal once the attack is finished.
Select data found with this attack includes Web browser history, images and e-mails, though it's expected that virtually any bits of data could be found if it happened to have been stored in the RAM.
For forensic experts, this kind of flaw is a great thing, but for consumers, it's hardly ideal, and a stark contrast to other areas where Google tries to keep its users safe.
"This kind of attack isn't going to be common, but the fact that it can be done at all highlights some security issues on the platform."
A little research - or some human-brain memory - would reveal that the same process can be used to snatch data from laptop or desktop PC memory, and while I don't know if anyone has tested the theory, the principle should likewise apply to iOS and Blackberry devices as well.
This form of attack has been known since at least 2008. Google for "Cryogenically frozen RAM bypasses all disk encryption methods"
And try doing a little research of your own before you rush to publish, and embarrass yourself and Hot Hardware (again).
"This kind of attack isn't going to be common, but the fact that it can be done at all highlights some security issues on the platform." refers to the attack on smartphones. I'm well-aware of the attack having existed before. But I appreciate the insults nonetheless.
NEWS TIPS |
This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or hisassociates. All products and trademarks are the property of their respective owners. All content and graphical elements areCopyright © 1999 - 2013 David Altavilla and HotHardware.com, LLC. All rights reserved. Privacy and Terms