A blast of cold air compromises national security
February 23rd, 2008 | by Brook Durant |
It seems that researchers at Princeton have discovered you can hack into an encrypted hard drive by blasting the computer’s RAM with cold air. It seems that memory which has been treated with some cold air will retain data even after the power is removed from it.
In case you’re not familiar with RAM it is volatile memory meaning that when the power is removed it loses whatever is stored there. Unlike hard drives which store data using magnetism. It’s a bit more complex than that, but for our purposes that is all you need to know. So the long and short is that when you pull the plug on RAM the data on there is “released” (for lack of a better term). With a hard drive the plug being pulled results in no data loss. At least that is how it has always been up until this discovery.
The article about this discovery didn’t give exactly how long the RAM would retain old data after being hit with the cold air. Nor did it say at what temperature it would start to lose the data again. It did however note that your common compressed air can turned upside down and sprayed on the memory was enough to do the trick.
Don’t get to worried though. It’s not quite a simple as just spraying some cold air and getting your data from the RAM. You actually need something to read the “frozen” memory, and store the contents without heating it up and causing it to be overwritten. Not to mention the fact that it would require a running (or sleeping/hibernating) machine that someone could physically get access to, freeze the memory, and read the contents.
What does all this mean for computer security? Not much at all. Use common sense and if you’re going to leave your computer in an unsecured environment for any significant amount of time shut it off. After a few seconds the memory will be clear and you’ll have nothing to worry about. At least not in regards to this.
I do have one question though. Who thinks of these kind of things to try?
Wow! I just realized I hadn’t updated this blog since the 12th of February. Completely unacceptable! Apologies to all of my readers. I don’t have much of an excuse except to say that I’ve been very busy over at (shameless plug) Pet-Snakes.com. Fortunately I am altogether confident that you will forgive me. Anyhow, let’s get on with the show and I will do my level-headed best to keep things moving around here. One last thing, at this point there will be no sale of this blog. We’ll see how things look down the line in a few months.
Don't forget to subscribe to A Blog about Nothing's RSS feed!
Tags: computer security, encryption, hacking, national security
By mac on Mar 5, 2008
Some softwares are going to be used during the ‘hacking process,I was once told.Meaning,not everyone can do this kind of thing
By A Blog about Nothing on Mar 7, 2008
Mac - I pointed that out in the article.
By job on Mar 13, 2008
better be careful with all your personal and private stuffs,we never know..is there any sign that can show the computer’s been hacked?any software of physical appearances?