Average Rating: Rate this article:

Cold-Boot Attack Can Crack Disk Encryption By Peter Piazza February 22, 2008 11:03AM Windows Vista's BitLocker, Apple Inc.'s FileVault for the Mac and other encryption tools are vulnerable to a cold-boot attack using compressed air on memory chips. The cold-boot vulnerability is based on data persistence in DRAM modules, according to a report by Princeton's Center for Information Technology Policy.   Related Topics BitLocker FileVault DRAM Encryption Latest News Autism Risk for Kids of Older Mothers Go Online and You Can Save the Planet In Haiti, Relief Gaps Are Spreading U.S. To Form Climate-Change Agency U.S. Losing in Clean-Tech Innovation Encrypting your hard drive has been touted as the ultimate in data protection. But new research shows that a savvy attacker with a can of compressed air and good timing can access encryption keys used by Vista's BitLocker, the Mac's FileVault, and other well-known encryption tools -- and then your data. While a computer is running, data and the encryption keys used by full-disk encryption systems are held in dynamic random-access memory. Researchers at Princeton University's Center for Information Technology Policy took advantage of the fact that data persists on DRAM modules even when a computer is turned off. Researcher Ed Felten wrote on his blog, "Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power . But this isn't so." The data in DRAM modules persists only for a minute or less at room temperature, but the decay of data can be significantly slowed by using an air-spray duster to cool the chips (a few sprays can lower the temperature to -50 degrees Celsius). Then, with specialized software, "someone could carry out our attacks against a target computer in a matter of minutes," Felten wrote. The Princeton team did not disclose the source code or software used in the cold-boot attack. Widespread Vulnerability "Most disk-encryption systems can be defeated if the computer is stolen or accessed while it is in sleep mode or in a password-protected screen saver," Felten wrote. Vista's BitLocker "is also sometimes vulnerable even when the computer is completely off." Microsoft acknowledged that the attack could occur. "Like all full-volume encryption products, BitLocker has a key in memory when the system is running in order to encrypt/decrypt data on the fly for the drive(s) in use. If a system is in 'sleep mode' it is, in effect, still running," Microsoft said in a statement provided to NewsFactor. Encryption vendor PGP was not mentioned in the report, but CTO Jon Callas told NewsFactor that "though this is primarily a hardware attack, PGP's Whole Disk Encryption functionality could be as vulnerable as any other vendor's full-disk encryption products." The company has asked the publishers of the report how it can protect against this type of attack. (continued...) 1  |  2  |  Next Page >   Tell Us What You Think Your Comment: Also Visit: iPad Info Center Billions of Bytes Mobile Device Now Apple Info Center TopTechWire.com Advertisement  Network Security 1.   China Cyberattacks: Pervasive Threat 2.   Patch Tuesday Will Tie MS Record 3.   Cybersecurity Appears Hot for 2010 4.   EPIC Objects To Google-NSA Ties 5.   Torrent Traps Used To Harvest Logins

Mobile Enterprise Spotlight

Analysts See iPad Price Drop, with Some Cannibalization Just weeks before Apple officially rolls out the iPad, financial analysts are making pricing predictions. But could the analysis itself hinder the initial demand for the pricey tablet computer?   Bar Codes Go Mobile, Get Hip Again For decades, retailers have used patterns of black dots and lines to encode data onto products. Now, bar codes are gaining favor as an easy way for cell-phone users to view ads and other data instantly.   'Dead Simple, Dirt Cheap' JooJoo Tablet Shipping Soon The JooJoo, a web-browsing tablet device that is the subject of a high-profile legal dispute, appears on track to reach buyers at the end of February, but the tablet scene has dramatically changed.

Enterprise Technology Spotlight

Google May Add Facebook, Twitter Links to Gmail Google will reportedly roll more social-networking features into Gmail, the fastest-growing e-mail service. The new features could save users the trouble of switching to Facebook or Twitter.   IBM's New POWER7 Servers Save Energy with Big Loads IBM has unveiled high-capacity servers that are the first to be based on its new, multi-core POWER7 chip. It said the new line is designed "to manage the most demanding emerging applications."   IBM Opens Eco-Friendly, Cloud-Focused Data Center IBM has opened its latest data center in North Carolina. Big Blue said the $362 million facility in Research Triangle Park is designed to support cloud computing and other new computing models.

Navigation Sci-Tech Today Home/Top News | Computing | Digital Life | Discovery | Space | Innovation | Health | Science News Environment NewsFactor Network Enterprise I.T. Sites NewsFactor Technology News | Enterprise Security Today | CRM Daily NewsFactor Business and Innovation Sites Sci-Tech Today | NewsFactor Business Report NewsFactor Services FreeNewsFeed | Free Newsletters | Free Whitepapers | About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise Privacy Policy | Terms of Service © Copyright 2000-2010 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo.