'Cold Boot' encryption hack unlikely, says Microsoft
Users can keep thieves from stealing encrypted data by changing some settings in Windows, a Microsoft product manager said as he downplayed the threat posed by new research that shows how attackers can inspect a "ghost" of computer memory.
Russ Humphries, a senior product manager for Windows Vista security, reacted Friday to reports last week about a new low-tech technique that could be used to lift the encryption key used by Vista's BitLocker or Mac OS X's FileVault. Once an attacker has the key, of course, he could easily access the data locked away on an encrypted drive.
The method -- dubbed "Cold Boot" because criminals can boost their chances by cooling down the computer's memory with compressed gas or even liquid nitrogen -- relies on the fact that data doesn't disappear instantly when a system is turned off or enters "sleep" mode. Instead, the bits stored in memory chips decay slowly, relatively speaking.
Cooling down memory to -58 degrees Fahrenheit (-50 degrees Celsius) would give attackers as long as 10 minutes to examine the contents of memory, said the researchers from Princeton University, the Electronic Frontier Foundation and Wind River Systems. And when they pushed the envelope and submersed the memory in liquid nitrogen to bring the temperature down to -310 degrees Fahrenheit (-190 degrees Celsius), researchers saw just 0.17% data decay after an hour.
The whole thing is unlikely, Humphries argued in a post to the Vista security team's blog. To make his case, he ticked off several preconditions:
-- The attacker would have to have physical access to the machine.
-- The laptop would likely have to be in "sleep" mode, rather than in "hibernate" mode or powered off.
-- The person who finds/steals the laptop must be knowledgeable and interested enough to execute the attack.
"I would posit that the opportunistic laptop thief is somewhat unlikely to carry a separate laptop on which they will have installed tools that allow them to reconstruct cryptographic keys, or for that matter have a can of compressed air handy," said Humphries.
Click here for case studies, whitepapers and other useful vendor content 
ARN Panel Sessions: Day 3The last of our panel sessions recorded live at CeBIT 2008. Today, the topic is storage. Data is growing at an enormous rate, so what does the future hold?
Intel launches sales of the Core i7 processor Several hundred PC hobbyists came to Tokyo'a Akihabara electronics district late Saturday night as Intel kicked off worldwide sales of its new Core i7 processor.
Electronic voting in U.S. electionDoubts about voting machines are lingering in the minds of many Americans as they head to the polls.
When an IT disaster occurs, how handy it would be to push a button and start again as if nothing had happened.
Discover and learn more about CA XOSoft today.
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 20 November, 2008 17:34:00
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 20 November, 2008 12:06:00
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 20 November, 2008 12:04:00
NetApp Named 2008 Citrix Ready Solution of the Year by Citrix Systems 20 November, 2008 11:33:00
Extreme Networks Ethernet Transport lowers total cost of ownership for carrier metro networks 20 November, 2008 10:21:00
V/Line and Oakton use Microsoft SQL Server 2008 to develop an Executive HR Dashboard
With the help of Oakton, V/Line - Victoria's regional public transport provider - utilised Microsoft SQL Server 2008 to develop an Executive HR Dashboard report.
Buying Guides
Buying Guides
