funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Researchers release 'cold boot' attack utilities

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Wed, 23 Jul 2008 00:52:06 +0300 (EEST)
"The security researcher who demonstrated the 'cold boot' attack has released the source code for the hack.
The attack, first demonstrated in February, uses a set of utilities to lift crypto keys from memory even after a reboot.

A boon for hackers and computer forensics experts alike, the approach created a means to circumvent disk encryption 
simply by powering off a target machine which has been left hibernating or screen-locked,
and quickly re-booting it to an external hard drive loaded with customised software.
The attack worked because DRAM chips used by modern computers retain data for seconds or even minutes after being 
powered down, contrary to popular opinion.
Cooling the chips wasn't absolutely necessary but aided the process in some cases."

More at
http://www.theregister.co.uk/2008/07/21/cold_boot_utilities/

And related:
http://citp.princeton.edu/memory

Juha-Matti
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: