‘FROST’ attack can negate Android passcode, steal data from RAM

‘FROST’ attack can negate Android passcode, steal data from RAMWe heard last week about a security flaw in iOS 6.1, allowing access to the iPhone’s Contacts app after a frankly baffling sequence of swipes and what not.

Now it’s Android security going under the microscope, with a technique that involves shoving the smartphone in the freezer for an hour beforehand. For serious.

The interesting loophole has been exposed by a pair of researchers at Erlangen University in Germany, building on a flaw demonstrated on PCs way back in 2008.

The procedure is reliant upon something called “remanence”, defined as the brief lingering of data in memory once the power source has been removed. The colder the memory, the longer the information remains.

Taking advantage of the phenomenon, the researchers quickly remove and replace the battery on the frozen smartphone while holding Power and Volume, which induces “fastboot mode”. In the space of around half a second, data stored in RAM is offloaded via USB.

They’re calling it a FROST attack, which stands for Forensic Recovery of Scrambled Telephones.

It’s pointed out that smartphones are rarely rebooted (unless you’re Jan), and as such there’s often an abundance of potentially sensitive information stored in RAM.

The only way to avoid having your phone’s RAM interrogated? Have it turned off before it gets nicked, which is obviously a bit of a logistical nightmare.

On the plus side, the FROST attack technique will have positive connotations for forensic analysts.

via: Forbes

Add a comment
 1 comment

JanSt / MOD  Feb. 18, 2013 at 21:01

Quite some hassle... They could just ask Google or the makers of that great free Japanese Bikini Babes wallpaper apps :p
And yes, I reboot. Proudly so :D


You don't need an account to comment. Just enter your email address. We'll keep it private.