Topic: Here is a scary thought...  (Read 2109 times)

0 Members and 1 Guest are viewing this topic.

Offline IAF Lyrkiller

  • Semi retired, but I am still around
  • D.Net Beta Tester
  • Lt. Commander
  • *
  • Posts: 1321
  • Gender: Male
  • JAG & Tech Support
Here is a scary thought...
« on: February 23, 2008, 05:27:56 pm »
Blast of cold air can open computer to hackers

New research shows how easily an encrypted hard drive can be defeated

MSN Tech and Gadgets
 

 

 
 

By Jordan Robertson

updated 3:59 p.m. CT, Fri., Feb. 22, 2008

SAN FRANCISCO - Want to break into a computer's encrypted hard drive? Just blast the machine's memory chip with a burst of cold air.

That's the conclusion of new research out of Princeton University demonstrating a novel, low-tech way hackers can access even the most well-protected computers, provided they have physical access to the machines.

The Princeton report shows how encryption, long considered a vital shield against hacker attacks, can be defeated by manipulating the way memory chips work. The researchers say the ease of their attack raises fears about the security of laptop computers increasingly used to store sensitive information, from personal banking data, to company trade secrets, to national security documents.

 

 



Freezing a dynamic random access memory, or DRAM, chip, the most common type of memory chip in personal computers, causes it to retain data for minutes or even hours after the machine loses power, the report found. That data includes the keys to unlock encryption. Without freezing, the chip loses its contents within seconds.

Hackers can steal information stored in memory by rebooting the compromised machine with a simple program designed to copy the memory contents — before the computer has a chance to purge sensitive data, according to the study.

Laptops left in hibernation or sleep mode, or simply not turned off at all, are the most vulnerable to the new type of attack.

"These risks imply that disk encryption on laptops may do less good than widely believed," according to the report, which was published this week by researchers from Princeton, the Electronic Frontier Foundation digital rights group, and Wind River Systems software company. "Ultimately, it might become necessary to treat DRAM as untrusted, and to avoid storing sensitive confidential data there, but this will not be feasible until architectures are changed to give software a safe place to keep its keys."

Researchers have known since the 1970s that cooled DRAM chips can retain their contents long after power to them is extinguished, but the researchers said they believe their study is the first security paper to focus on the phenomenon. National security agencies may also have been aware that the types of breaches outlined in the study are possible, the researchers said, but added they weren't able to find evidence of that in any publications.

The attacks were carried out by spraying an upside-down canister of multipurpose duster spray directly onto the memory chips, freezing them to minus 50 degrees Celsius (about minus 60 Fahrenheit.)

One challenge faced by the researchers was the threat that booting the system will automatically overwrite some parts of the memory. To make sure the contents were retained, they used small, special-purpose programs known as memory-imaging tools, which can be loaded over a network connection or a USB device, to save images captured from the memory chip. The attacks even work when the DRAM chip is removed and transferred to a machine set up by the hacker.


I being a tech knows that shutting down power wipes everything off the chip, I could be wrong. :huh:




KAT-Lyrkiller
Semi-retired
Captain of the MSC Maus
MEMBER OF KLAW
SILENCE.....I keel you!!!

Offline Don Karnage

  • Lt. Commander
  • *
  • Posts: 2327
  • Gender: Male
Re: Here is a scary thought...
« Reply #1 on: February 24, 2008, 07:31:10 am »
well its not like it was possible to blast the ram with cold air, -50c is a lot and without liquid nitrogen i don't see how its possible.

Offline Nemesis

  • Captain Kayn
  • Global Moderator
  • Commodore
  • *
  • Posts: 13067
Re: Here is a scary thought...
« Reply #2 on: February 24, 2008, 12:28:44 pm »
Dry ice should be cold enough and is commercially available.
Do unto others as Frey has done unto you.
Seti Team    Free Software
I believe truth and principle do matter. If you have to sacrifice them to get the results you want, then the results aren't worth it.
 FoaS_XC : "Take great pains to distinguish a criticism vs. an attack. A person reading a post should never be able to confuse the two."

Offline Don Karnage

  • Lt. Commander
  • *
  • Posts: 2327
  • Gender: Male
Re: Here is a scary thought...
« Reply #3 on: February 24, 2008, 01:50:32 pm »
ok and how much do you need, and how much it cost and how do you manipulate it?

depending of what you are looking for on the com but it might not be worth it.

Offline Nemesis

  • Captain Kayn
  • Global Moderator
  • Commodore
  • *
  • Posts: 13067
Re: Here is a scary thought...
« Reply #4 on: February 24, 2008, 08:23:04 pm »
The lab at work buys it in 50 kg quantities but I'm not involved so I don't have a clue of the price.  It can be handled easily with insulated gloves or with tongs.
Do unto others as Frey has done unto you.
Seti Team    Free Software
I believe truth and principle do matter. If you have to sacrifice them to get the results you want, then the results aren't worth it.
 FoaS_XC : "Take great pains to distinguish a criticism vs. an attack. A person reading a post should never be able to confuse the two."

Offline Centurus

  • Old Mad Man Making Ship Again....Kinda?
  • Captain
  • *
  • Posts: 8505
  • Gender: Male
Re: Here is a scary thought...
« Reply #5 on: February 24, 2008, 09:30:56 pm »
You really wouldn't need a very large quantity.  What you'd really need is time to use the dry ice to do what you wanted to with the memory chips. 

Wrapping dry ice in some newspaper and then placing it inside a regular sandwich bag is usually good enough if you're gonna transport it, but it's preferable to use a portable cooler, like one would use if having lunch in a park or something, and wanted to keep drinks cold.

The pen is truly mightier than the sword.  And considerably easier to write with.

Offline Beeblebrox

  • Existential Warfare
  • Lt. Junior Grade
  • *
  • Posts: 303
Re: Here is a scary thought...
« Reply #6 on: February 25, 2008, 02:43:17 am »
As for dry ice you can find it in a lot of grocery stores.
"Out swords and to work with all!"---Cyrano de Bergerac

Offline marstone

  • Because I can
  • Commander
  • *
  • Posts: 3014
  • Gender: Male
  • G.E.C.K. - The best kit to have
    • Ramblings on the Q3, blog
Re: Here is a scary thought...
« Reply #7 on: February 25, 2008, 02:56:59 am »
yep, dry ice is cheap (realitively), easy to make if you have compressed CO2, it is below -100f so would be cold anough.  Doesn't leave any liquid behind to mess up the circuits.  Would work well.  Hard to get into a secure facility, but a bank by the cleaning crew, darn easy.  Amazing the access a janitor has in the world.
The smell of printer ink in the morning,
Tis the smell of programming.

Offline Sirgod

  • Whooot Master Cattle Baron
  • Global Moderator
  • Vice Admiral
  • *
  • Posts: 27844
  • Gender: Male
Re: Here is a scary thought...
« Reply #8 on: February 25, 2008, 10:04:46 pm »
As for dry ice you can find it in a lot of grocery stores.

Yep. I wind up buying some twice a year to ship Meats as gifts to an Uncle in Florida. Easy to find.

Stephen
"You cannot exaggerate about the Marines. They are convinced to the point of arrogance, that they are the most ferocious fighters on earth - and the amusing thing about it is that they are."- Father Kevin Keaney, Chaplain, Korean War

Offline Dracho

  • Global Moderator
  • Rear Admiral
  • *
  • Posts: 18289
  • Gender: Male
Re: Here is a scary thought...
« Reply #9 on: February 25, 2008, 10:24:45 pm »
Practically speaking, the thief must get to the machine almost as soon as it is shut off.. so this isn't as bad as it sounds.  The main thing seems to be to disable the hibernate function on your corporate laptops and you're probably fine, so long as the machine isn't stolen within minutes of being turned off, then frozen immediately.

This does not strike me as especially repeatable outside the laboratory environment.
The worst enemy of a good plan is the dream of a perfect plan.  - Karl von Clausewitz