BBtv “Hacker HOWTO”: Cold Boot Encryption Attack

Xeni visits the offices of the Electronic Frontier Foundation and speaks with Jake Appelbaum and Bill Paul, two of the authors of a security research paper that shows how your computer’s memory can be tricked into revealing data you thought was safely encrypted, and out of the reach of others.

One method involves using a can of compressed air to quickly cool the memory chip, but freezing the target isn’t the only way to lull it into submission — Paul shows us how to use an iPod or a USB thumb drive to do the same thing. These methods have been shown to defeat three popular disk encryption products commonly used to protect data on laptops: BitLocker (Windows Vista), FileVault (MacOS X), and dm-crypt (Linux).

Here’s the entire text of the report draft, released earlier this year: Lest We Remember: Cold Boot Attacks on Encryption Keys. Authors: J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten.

The team plans to research additional software tools and to present a final version of their report at the Usenix Security Symposium in July/August.

Special thanks to Seth Schoen and Peter Eckersley of the EFF.

About Xeni Jardin

Boing Boing editor/partner and tech culture journalist Xeni Jardin hosts and produces Boing Boing's in-flight TV channel on Virgin America airlines (#10 on the dial), and writes about living with breast cancer. Diagnosed in 2011. @xeni on Twitter. email: xeni@boingboing.net.

8 Responses to BBtv “Hacker HOWTO”: Cold Boot Encryption Attack

  1. seanboing says:

    http://www.dolphinporn.com seems safe and happy, WTH?

  2. zuzu says:

    > zuzu, I assure you that the iPod is not loaded with msramdmp. We wrote all of our own software for these attacks. msramdmp is very limited and bloated for what it can do. It stomps on a ton of memory because it uses SYSLINUX, it doesn’t play nice with 64bit, etc, etc.

    Ah, sorry about that. I shouldn’t have spoken so definitively about a presumption. Thanks for the clarification.

    Do you plan on publicly releasing the software with the final report at the Usenix Security Symposium?

  3. seanboing says:

    Ahh Xeni, you crack me up!

  4. Qozmiq says:

    Dolphinporn.com got the best of me (or worst, as you like it) and I had to see if it was real. Warning, under no circumstances should you Google dolphinporn.com, or any wholly owned subsidiary. I warned you.

  5. Xeni Jardin says:

    @seanboing, oh, not if you speak dolphin it’s not. The wav files of underwater squeaks on that page are downright filthy. There should at least be some age verification link or something! Christ!

  6. zuzu says:

    msramdmp is the program in question being used on the iPod (or booting from any USB disk such as a flash drive). Thanks to Jake Appelbaum, Robert Wesley McGrew, et al. for demonstrating how practicable this attack really is.

  7. ioerror says:

    zuzu, I assure you that the iPod is not loaded with msramdmp. We wrote all of our own software for these attacks. msramdmp is very limited and bloated for what it can do. It stomps on a ton of memory because it uses SYSLINUX, it doesn’t play nice with 64bit, etc, etc.

    Everything we’ve written is from scratch because we care about having the most minimal memory footprint possible.

  8. ioerror says:

    We’ll release most of the software in the near-ish future.

This work is licensed under a Creative Commons License permitting non-commercial sharing with attribution. Boing Boing is a trademark of Happy Mutants LLC in the United States and other countries.
