1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

memory trick breaks PC encryption

Discussion in 'The Lounge - Off Topic' started by greenbrucelee, Mar 5, 2008.

  1. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,283
    254
    329
    Take heed people http://news.bbc.co.uk/1/hi/technology/7275407.stm
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  2. richardw

    richardw Nibble Poster

    52
    0
    14
    well is that seconds or minutes? how many minutes?
    ah, so its about 15 seconds, long way from minutes!

    so were going to be leaving our laptop in starbucks or somewhere else long enought for someone to do all that, & then be faced with a password when the laptop finally switches back on?
    If you pull the power on windows, when it restarts it tells you it wasnt shut down properly, & then checks itself. That would wipe the memory.
     
    Certifications: MOS (Master), MMI
    WIP: MCAS, AAT
  3. BosonMichael
    Highly Decorated Member Award

    BosonMichael Yottabyte Poster

    19,136
    462
    374
    It's seconds if you don't cool the memory down. It's MINUTES if you freeze the memory using canned air turned upside down.

    so were going to be leaving our laptop in starbucks or somewhere else long enought for someone to do all that, & then be faced with a password when the laptop finally switches back on?
    If you pull the power on windows, when it restarts it tells you it wasnt shut down properly, & then checks itself. That would wipe the memory.[/QUOTE]

    Negative... the cache won't necessarily be wiped, even when you pull the power for a second. THAT'S the whole point of the article.
     
    Certifications: CISSP, MCSE+I, MCSE: Security, MCSE: Messaging, MCDST, MCDBA, MCTS, OCP, CCNP, CCDP, CCNA Security, CCNA Voice, CNE, SCSA, Security+, Linux+, Server+, Network+, A+
    WIP: Just about everything!
  4. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,283
    254
    329
    If the government can leave laptops with sensitive info on in the middle of motorways, I'm sure there's been plenty of people leaving their laptops in coffee shops.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  5. dmarsh

    dmarsh Terabyte Poster

    3,782
    302
    184
    Certifications: CITP, BSc, HND, SCJP, SCJD, SCWCD, SCBCD, SCEA, N+, Sec+, Proj+, Server+, Linux+, MCTS, MCPD, MCSA, MCITP, CCDH
  6. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,283
    254
    329
    Sorry mate I must have missed it :oops:
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  7. richardw

    richardw Nibble Poster

    52
    0
    14
    they were 'losing' laptops with data on the hard drive, the article is about someone getting hold of your laptop when its on.


    i wonder why they didnt say how long it took them to power down, restart & then obtain the info from the memory? :dry
     
    Certifications: MOS (Master), MMI
    WIP: MCAS, AAT
  8. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,726
    175
    221
    I think its worth pointing out that security is almost always a non issue when physical access is granted, Hence why physical security plays just as much a part as storage and transport security in any high secure systems design

    if you got the box, you can often do what you want
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  9. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,283
    254
    329
    It doesn't really matter if the government were leaving hard drives around or laptops its still data that can be accessed with a few tricks.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  10. richardw

    richardw Nibble Poster

    52
    0
    14
    the video for it is here http://citp.princeton.edu/memory/media/

    'In most computers we can read whats left by booting a simple start-up program'
    so a program has to be installed, the laptop rebooted, & somehow this process dosnt overwrite the ram?
    'with brief physical access'
    so you get to the laptop, locate the ram, gain access to the ram, spray it with cold spray, remove the ram, fit it into a 2nd laptop. in the video this takes over 30 seconds, & thats with the keyboard already removed.

    the laptop they use in the video, they state that the memory fades slowly enough that they dont need to cool it. however, it does have to be set to boot from a usb drive.


    its one of those 'oh wow, cool' things of no real relevance to the world.
    if youve left a laptop lying around long enough for this to happen, theres been enough time for it to be taken away & never returned.
     
    Certifications: MOS (Master), MMI
    WIP: MCAS, AAT
  11. BosonMichael
    Highly Decorated Member Award

    BosonMichael Yottabyte Poster

    19,136
    462
    374
    You're not getting it... you can boot a start-up program from CD, floppy, USB key, whatever. Not "Boot to Windows and access a program"... boot a program directly from startup, WITHOUT Windows.

    Have you never booted a PC to a disk before?

    The whole point is that most people think, "All I need to do is encrypt my hard disk and password protect my login, and all is well. Even if my laptop is stolen, I don't need to worry about someone getting my confidential data." Well, that's accurate, if it were not possible to recover your password or encryption key from cached memory. I can steal your laptop and do ALL this stuff at my leisure.
     
    Certifications: CISSP, MCSE+I, MCSE: Security, MCSE: Messaging, MCDST, MCDBA, MCTS, OCP, CCNP, CCDP, CCNA Security, CCNA Voice, CNE, SCSA, Security+, Linux+, Server+, Network+, A+
    WIP: Just about everything!
  12. sunn

    sunn Gigabyte Poster

    1,562
    24
    79
    Agreed, but physical access is so often over-looked. At a one company 2-guys walked in and just picked up computers off desks & walked out. I thought it was the funniest thing in the world - since I quit the week prior. :twisted:
    I was re-hired as a security consultant. :p
     

Share This Page

Loading...