Take a seven dollar can of compressed air from any office supply store. Flip it over, and spray its liquid nitrogen on a computer’s DRAM, or digital random access memory. Reboot the computer, or even extract the DRAM chip and clone it, then run a few relatively simple programs. Nothing that would defeat an intermediate level programmer.
It’s that easy to bypass the most popular forms of hard disk encryption software. From Windows Vista, to Mac OSX, to various flavors of Linux, it appears that all major operating systems are highly vulnerable.
Conventional wisdom held that DRAM memory was rapidly volatile, causing all of its information to fade as soon as power to a computer is cut. However, researchers with Princeton’s School of Engineering and Applied Science department have recently proved that false.
By tipping the can of air upside down over a laptop’s DRAM chips, the nitrogen gas freezes the chip within seconds. When it’s frozen, the memory can stay fresh for longer than ten minutes — more than enough time to steal the encryption keys that allow easy access to the hard drive’s data.
In their paper, titled, “Lest We Remember: Cold Boot Attacks on Encryption Keys,” they say, “We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount successful attacks on popular disk encryption systems using no special devices or materials.”
The revelation and airtight research have knocked the computer world for a spin, as laptops containing military information to proprietary corporate research are now wide open.
In their paper, the researchers observe that many computers with inefficient cooling systems do not need the benefit of liquid nitrogen at all. The DRAM stays cool enough on its own to simply reboot the computer with the proper access tools.
The researchers end their abstract by noting, “Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.”
See also: The New York Times
Leave a Reply