Cold Boot Attacks on Smartphones (also weird science)

Even smartphone encryption is vulnerable to cold boot attacks. Got an encrypted phone you want to decrypt? Drop it in the freezer before pulling and replugging the battery. Then plug it into a computer and upload some software. It’s that easy.

I recommend a different cold boot attack: a bath of liquid nitrogen followed by a a steel-toed boot.

Weird science: I mentioned the whole “local cosmic ray* levels above ambient” thing as a) something linked to sleep disturbances b) something linked to bees acting really disturbed, and possibly and c) something against which the oft-cited Dr. Ludwig had developed some tricks.

* (I originally said “gamma radiation,” but looking at the descriptions it’s pretty clear cosmic rays were actually meant… though why these would be preferentially coming from the direction of the earth’s core I have not a clue.)

One of the solutions that I hadn’t been able to figure out was the bees’ answer — coating their nests in wax and propolis. Turns out science has figured out why… propolis protects against the harmful effects of ionizing radiation. (http://phys.org/news/2012-07-vitro-optimal-propolis-radioprotector.html)

Worth noting are the two solutions Dr. Ludwig tested and proved experimentally:
– for people with natural gamma/cosmic rays coming out of the ground under their house, a three layer under-bed mat of i) propolis/beeswax/??? impregnated cotton, ii) a grounded copper grid for E-field shielding iii) a high-permeability foil for magnetic field shielding (tested via UV spectroscopy and possibly double-blind trials from people with sleep trouble)

i) being rather clever, since it demonstrates an early understanding that the high-energy radiation would interact with the propolis and create a biological effect merely by modulation of the radiation, as in his other solution…

– a low power broadband magnetic pulse generator with circa 8Hz rep rate and a magnetic core “programmed” to ring at the geomagnetic frequencies (tested via UV spectroscopy)

https://www1.informatik.uni-erlangen.de/frost

“We present FROST, a tool set that supports the forensic recovery of scrambled telephones. To this end we perform cold boot attacks against Android smartphones and retrieve disk encryption keys from RAM. We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung. To break disk encryption, the bootloader must be unlocked before the attack because scrambled user partitions are wiped during unlocking. However, we show that cold boot attacks are more generic and allow to retrieve sensitive information, such as contact lists, visited web sites, and photos, directly from RAM, even though the bootloader is locked.”

Advertisements
%d bloggers like this: