Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

Researchers release 'cold boot' attack utilities
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 22 Jul 2008 00:02:54 -0500 (CDT)
http://www.theregister.co.uk/2008/07/21/cold_boot_utilities/

By John Leyden
The Register
21st July 2008 

The security researcher who demonstrated the 'cold boot' attack has 
released the source code for the hack. The attack, first demonstrated in 
February, uses a set of utilities to lift crypto keys from memory even 
after a reboot.

A boon for hackers and computer forensics experts alike, the approach 
created a means to circumvent disk encryption simply by powering off a 
target machine which has been left hibernating or screen-locked, and 
quickly re-booting it to an external hard drive loaded with customised 
software. The attack worked because DRAM chips used by modern computers 
retain data for seconds or even minutes after being powered down, 
contrary to popular opinion. Cooling the chips wasn't absolutely 
necessary but aided the process in some cases.

Once the data is recovered utilities are needed to make sense of the 
information and perform functions such as correcting errors caused by 
bit decay.

The approach was pioneered by researchers from the Electronic Frontier 
Foundation, Princeton University and Wind River. One of the researchers 
involved in the celebrated hack, Jacob Appelbaum, released source code 
for the utilities used for it at the Hackers on Planet Earth (HOPE) 
conference in New York last weekend. It's hoped the release of the 
utilities will spur the development of countermeasures as well as 
raising awareness about the risks posed by the original attack.

[...]


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com

  By Date           By Thread  

Current thread:
  • Researchers release 'cold boot' attack utilities InfoSec News (Jul 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]