[ISN] Researchers Manage To Dump RAM Contents Off An Encrypted, Locked Android Phone… By Freezing It

http://www.androidpolice.com/2013/02/14/researchers-manage-to-dump-ram-contents-off-an-encrypted-locked-android-phone-by-freezing-it/ By David Ruddock Android Police Feb 14, 2013 Put this one in the “weird but true” pile – researchers at Erlangen University in Germany have managed to dump the contents of a Galaxy Nexus’s RAM… which doesn’t sound exciting. Except for the fact that the phone had a PIN-protected lockscreen and encrypted internal storage. The technique used, known as “FROST” (clever acronym there, guys), has been demonstrated on computers before. Step 1.) put the (powered-on, if it’s off you lose the valuable RAM contents) phone in a really, really cold freezer. Step 2.) develop software that allows you to dump the active memory from an Android smartphone via USB (you might want to do this before step one). Step 3.) Pull the battery (or turn the phone off, though this may cause issues), boot into fastboot, run the dump software, and voila – data stolen. […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org