[ISN] Researchers Manage To Dump RAM Contents Off An Encrypted, Locked Android Phone... By Freezing It

From: InfoSec News <alerts_at_private>
Date: Mon, 18 Feb 2013 00:47:06 -0600 (CST)
http://www.androidpolice.com/2013/02/14/researchers-manage-to-dump-ram-contents-off-an-encrypted-locked-android-phone-by-freezing-it/

By David Ruddock
Android Police
Feb 14, 2013

Put this one in the "weird but true" pile - researchers at Erlangen University 
in Germany have managed to dump the contents of a Galaxy Nexus's RAM... which 
doesn't sound exciting. Except for the fact that the phone had a PIN-protected 
lockscreen and encrypted internal storage. The technique used, known as "FROST" 
(clever acronym there, guys), has been demonstrated on computers before.

Step 1.) put the (powered-on, if it's off you lose the valuable RAM contents) 
phone in a really, really cold freezer. Step 2.) develop software that allows 
you to dump the active memory from an Android smartphone via USB (you might 
want to do this before step one). Step 3.) Pull the battery (or turn the phone 
off, though this may cause issues), boot into fastboot, run the dump software, 
and voila - data stolen.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Sun Feb 17 2013 - 22:47:06 PST

This archive was generated by hypermail 2.2.0 : Sun Feb 17 2013 - 22:39:45 PST