
If the target manages to lock the computer, the next thing to do is to freeze the RAM sticks and try to get the encryption key from there: http://citpsite.s3-website-us-east-1.amazonaws.com/oldsite-h...

"We also confirmed that decay rates vary dramatically with temperature. We obtained surface temperatures of approximately −50C with a simple cooling technique: discharging inverted cans of “canned air” duster spray directly onto the chips. At these temperatures, we typically found that fewer than 1% of bits decayed even after 10 minutes without power. To test the limits of this effect, we submerged DRAM modules in liquid nitrogen (ca. −196C) and saw decay of only 0.17% after 60 minutes out of the computer."



Ulbricht's Samsung 700Z laptop used DDR3 RAM. These guys couldn't reproduce the "cold boot"/"RAM freeze" attack using DDR3 RAM: http://www1.cs.fau.de/filepool/projects/coldboot/fares_coldb...

But I don't see why they would need to freeze anything. I would think the feds should be able to make a device that plugs onto the DRAM connectors of chips and reads the content, although I'm not sure.


I just realized that an easier way, when you have a guy under surveillance using his computer in public, is to capture some decent footage of him entering his password before you bust him. Way less fun though.


To prevent cold boot attacks you can store the key in a CPU register instead of memory: https://en.wikipedia.org/wiki/TRESOR


The Linux distribution Tails will automatically wipe RAM when shut down, which can be triggered by removing the USB drive it is running off of. I guess the thing to do would be to only work in a place where you can delay law enforcement long enough for the wipe to complete. But alas, it seems Ulbricht wasn't paranoid enough.

https://tails.boum.org/doc/advanced_topics/cold_boot_attacks...

Or, of course, thermite always works.



