This is alarming, if true: according to a group of German security researchers at the University of Erlangen, if you put a locked, encrypted Android phone in the freezer for an hour and then quickly reboot it and plug it into a laptop, the memory will retain enough charge to stay decrypted, and can boot up into a custom OS that can recover the keys and boot the phone up with all the files available in the clear. The attack is called FROST: "Forensic Recovery Of Scrambled Telephones," and it requires a phone with an unlocked bootloader to work.
At the end of 2011, Google released version 4.0 of its Android operating system for smartphones. For the first time, Android smartphone owners were supplied with a disk encryption feature that transparently scrambles user partitions, thus protecting sensitive user information against targeted attacks that bypass screen locks. On the downside, scrambled telephones are a a nightmare for IT forensics and law enforcement, because once the power of a scrambled device is cut any chance other than bruteforce is lost to recover data.
We present FROST, a tool set that supports the forensic recovery of scrambled telephones. To this end we perform cold boot attacks against Android smartphones and retrieve disk encryption keys from RAM. We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung. To break disk encryption, the bootloader must be unlocked before the attack because scrambled user partitions are wiped during unlocking. However, we show that cold boot attacks are more generic and allow to retrieve sensitive information, such as contact lists, visited web sites, and photos, directly from RAM, even though the bootloader is locked.
FROST: Forensic Recovery Of Scrambled Telephones
Mostly it’s your record locator and frequent flier number, but with that, an attacker can access the ticket record, see your future flights, your email address, and the details of the emergency contacts you’d added to the reservation.
Adam Conover latest “Adam Ruins Everything” is five depressingly hilarious minutes on aviation security, security theater, privacy, and ritual humiliation, with a guest-appearance by Bruce Schneier. If you didn’t laugh, you’d have to cry, although you can always do both, right?
In a new episode of the BBC’s Panorama, Edward Snowden describes the secret mobile phone malware developed by GCHQ and the NSA, which has the power to listen in through your phone’s mic and follow you around, even when your phone is switched off.
This Smartphone Photo Lens Kit arms you with six unique smartphone photography accessories, so you can take high-quality and well-composed photos of any subject from small insects to expansive landscapes.6 unique lensesRolls up neatly for transportTripod for stabilitySmall lenses attach seamlessly with magnetMicroscope and 8x telephoto lenses attach with a case (case attaches to phone)Lens wallet […]
Inspired by the universality of symbols, the founders of Noun Project began to collect thousands of hand-drawn icons. The concept has since transformed into a massive digital collection of 150,000+ unique icons that fuel the work of designers every day. Spend less time crafting icons and more time putting amazing designs out into the world with […]
You won’t need to think twice about going hands-free on the road with Exomount’s easy-to-use car mount. It mounts your smartphone so easily, you literally only need one hand to quickly secure your phone in the perfect position and get driving. Don’t risk a ticket, use the world’s best suction technology to effortlessly mount and […]