Cold Boot Threat, protect your laptop by IceLock software or by BitArmor’s FDE.
By admin at 22 May, 2008, 8:05 am
The cold boot vulnerability allows hackers to steal encryption keys from dynamic RAM (DRAM) memory in laptops that have been recently powered down. Data from DRAM doesn’t disappear instantly when a system is turned off or enters “sleep” mode. Instead, the bits stored in memory chips decay slowly. DRAMs typically lose their contents over a period of seconds. Encrypted DRAM data can be hacked, once an attacker has the key.
Various companies offer software that protect computer from “cold Boot”. Once such software is HyBule’s IceLock, which reportedly protects against “Cold Boot” and other RAM-targeting exploits. According to the company report IceLock takes an aggressive approach to keys in RAM, which protects encryption keys against the “cold boot” exploit. During any system transition (e.g. hibernation, power-off, log-off, and screen saver activation) all keys are deleted from RAM and overwritten with random data.
Another company that provides solution from cold boot is BitArmor, which Full Disk Encryption (FDE) product can prevent cold boot attacks.If hacker access DRAM during hibernation and within 2 minutes of shutdown, then BitArmor scrubs keys using KeyScrubberâ„¢ technology immediately as the computer shuts down or goes into hibernation mode. Therefore no data can be accessed. On other scenario , if DRAM access when shutdown, then BitArmor scrubs keys. Therefore main logic is to either scrubs the keys or overwrite it with other data sets.
To know more about cold boot , you can see the original Princeton research PDF here.
Cold boot threat is real and i am a sufferer.