Researchers at Princeton University have published a paper on a new way of recovering encryption passwords using little more than a can of compressed air and a screwdriver.
Sure, that sounds like an oversimplification, but the early steps of their exploit doesn’t really need much more than that.
When accessing encrypted data stored with programs like BitLocker, FileVault, dm-crypt, and TrueCrypt, the encryption key is stored in the computer’s RAM.
When your computer is turned off, most people believe that whatever is in RAM is lost right away but that’s not necessary correct. The data in RAM degrades over time in a predictable pattern.
Freeze the RAM chips and the data stays in memory much longer. That’s where the can of compressed air comes in handy.
To see it in action and get more details, check out their video here.
[Via Engadget]
Filed under: tech | Tagged: encryption, exploit, hack, security, tech
