“Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux.
The root of the problem lies in an unexpected property of today’s DRAM memories. DRAMs are the main memory chips used to store data while the system is running. Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power. But this isn’t so. Our research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system.”
Here is some more Tech News from around the web:
- Internal bluetooth for 5th gen iPods @ Hack a Day
- GDC Needs a Reboot @ ExtremeTech
- Talking sports with EA Tiburon GM Philip Holt @ Ars Technica
- Intel to add more entry-level CPUs to Santa Rosa platform; SFF Montevina pricing revealed @ DigiTimes
- TRENDnet TEW-633GR Wireless N Gigabit Router @ Techgage
- Samsung DVD-F1080 @ Hardware Zone
Not as forgetful as you might think
boingboing linked to a story about an interesting property of DRAM, and what it means for your security. With some ingenuity and quick reflexes it is possible to beat disk encryption, and not just on Windows. There are several links to videos and papers covering this attack process.