- (from the images on http://citp.princeton.edu/)
http://www.boingboing.net/2008/07/19/cold-boot-encryption.html
The complete article is called "Lest We Remember: Cold Boot Attacks on Encryption Keys": J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten.
(Here's the link http://citp.princeton.edu/memory/)
Basically, the idea is to (literally) freeze the RAM of a computer, remove the data trapped in that state, and extract valuable information by looking for search strings in that data.
OK, color me impressed.
It seems like the only limits of such a hack are logistic - a thief would have to physically grab the computer and attack it; either with a cord plugged in or a removal of the frozen RAM.
This attack essentially makes encryption obsolete! There's no use for encryption when someone can download the 'state' of the computer as it exists.
Applebaum in the video makes note of some technology on RAM where the BIOS or hardware will clear the RAM's state prior to booting up again, or when temperature drops, making sure that a cold attack will not work. Still, I imagine there are ways around those prevention measures also.
Sigh, it seems to be another one of those Mad Magazine Spy vs. Spy problems - bigger encryption, more techniques to get rid of that encryption.
I wonder if there's a Moore's Law type of phenomenon in effect.
No comments:
Post a Comment