Bad RAM: Disk encryption vulnerable to attack

Disk encryption, in its current implementation, is a joke. But it’s hardly the software makers’ fault.

Princeton researchers have developed a method to defeat a form of disk encryption that’s commonly found on laptops. It relies on the fact that RAM, contrary to popular belief, doesn’t erase automatically when power is cut. Rather, information stored in RAM—here, disk encryption keys—hangs around for a couple seconds, if not minutes. Cooling the RAM module slows the data disappearance even further.

From there, all you’d need to do is swap out the RAM module and run the proper software. Bam, instant information.

PGP, the encryption dudes, say its software works just fine. Instead of blaming it, you should blame the hardware companies for their poor design.

The attack should work on some of the most popular forms of encryption, including Apple’s File Vault. The above video shows an attack on a BitLocker’d Vista laptop.

You should probably assume that if someone has physical access to your machine, they’ll be able to crack it.

Cold Boot Attacks on Encryption Keys [Princeton via Wired’s Threat Level]

Encryption Still Good; Sleeping Mode Not So Much, PGP Says [Wired’s Threat Level]