Cleaning spray defeats disk encryption
By Matthew Sparkes
Posted on 22 Feb 2008 at 10:33
Hard disk encryption can be broken using nothing more complex than a can of cleaning spray and a new algorithm, claim researchers at Princeton University.
The encryption key for most systems is stored in RAM, even if the user is not yet logged in.
The Princeton researchers have developed a new algorithm which can analyse a chip and decipher the key, allowing access to all encrypted data.
"We have found new attacks that can defeat most disk encryption products if an attacker gains physical access to the computer. These attacks are surprisingly practical, typically taking only a few minutes," explains a video from the group demonstrating such an attack.
While most people believe that the contents of RAM are immediately erased when power is lost, data is actually present for seconds or minutes after power loss, depending on the brand of chip.
Because of this, attackers can turn off power to the PC, quickly reboot and run an analytic algorithm to recover the encryption key.
Should this not be possible, the RAM chip can even be removed from the machine and transplanted into another, where the code can be run.
The rate at which data is lost can be slowed by cooling the chips, and researchers found that freezing RAM with an inverted cleaning spray can extend this period to ten minutes - long enough to remove RAM and transplant it into another computer.
"Whether your computer is at risk depends on what kind of disk encryption you use and what mode your computer is in when an attacker accesses it," explains the demonstration video.
"Most disk encryption systems can be defeated if the computer is stolen or accessed when it is in sleep mode or at a password protected screensaver. Windows Vista BitLocker is also sometimes vulnerable even when the computer is completely off."
Is your business a social business? For helpful info and tips visit our hub.
- iPhone 6 release date, specs/features and rumours: when is the new iPhone 6 coming out in the UK
- Still on Windows XP? There's now an unofficial service pack
- It's on: Apple announces 9 September event for the iPad, iWatch and iPhone 6... maybe
- 1,500 fake apps kicked off Windows Store
- Forget robot butlers: meet Fuji Xerox's robot printer
- 20 years of PC Pro: our best covers
- Why we've closed the PC Pro forums
- How to turn off Google Location Tracking
- 20 years of PC Pro: our greatest review mistakes
- 20 years of PC Pro: our first A-List
- Wikipedia's "right to be forgotten" protest hits the wrong note
- 3D printing hits the high street for plastic selfies
- 20 years of PC Pro: What amazed us in our first issue
- How Google Glass ruined my lunch hour
- Smartphone battery packs: can a USB power pack beat the festival battery blues?
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office