
Look at that laptop over there, lid closed and sleeping soundly. It looks safe and secure, doesn't it? Well, there's a good chance that it's vulnerable to a cold boot attack that could compromise your data. According to security firm F-Secure, almost every computer is vulnerable to this type of attack.

At the center of this attack is the way computers manage RAM via firmware. Cold boot attacks aren't new — the first ones came along in 2008. Back then, security researchers realized you could hard reboot a machine and siphon off a bit of data from the RAM. This could include sensitive information like encryption keys and personal documents that were open before the device rebooted. In the last few years, computers have been hardened against this kind of attack by ensuring RAM is cleared faster. For example, restoring power to a powered-down machine will erase the contents of RAM.

The new attack can get around the cold boot safeguards because the computer isn't off — it's merely asleep. F-Secure's Olle Segerdahl and Pasi Saarinen found a way to rewrite the non-volatile memory chip that contains the security settings, thus disabling memory overwriting. After that, the attacker can boot from an external device to read the contents of the system's RAM from before the device went to sleep.

You can see the process in the video below. It's obviously quite involved, but an experienced attacker could get it done in a matter of minutes. F-Secure's description of the attack seems intentionally vague on how exactly you modify the firmware security, but we are assured it's "elementary." Perhaps the one saving grace here is that someone needs to have physical access to your computer and enough time to take it apart in order to steal any data. Some computers aren't very easy to disassemble these days, either.

F-Secure says there's no easy fix for PC vendors — there will always be ways to pull data out of RAM with the right methods. However, end users and businesses can change their practices to limit the impact of cold boot attacks. Using firmware passwords can harden computers, and merely closing the lid on a laptop is risky. Rather than letting computers go to sleep, F-Secure recommends using hibernation. Hibernation will clear encryption keys from RAM, but other files could still be at risk. Shutting your computer all the way off is still the best defense.
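One way to check the sleep-versus-hibernate advice on a fleet of laptops, as an added example that is not from the article or from F-Secure: it assumes Linux machines managed by systemd-logind (an operating system the article does not name) and reports lid-close and suspend-key actions that leave RAM powered. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit systemd-logind settings for actions that keep RAM powered.
# Assumption: Linux with systemd-logind; pass logind.conf and its drop-ins in
# the order they are read (later files override earlier ones).

# Actions that leave memory contents alive, at least initially.
is_ram_powered_action() {
    case "$1" in
        suspend|hybrid-sleep|suspend-then-hibernate) return 0 ;;
        *) return 1 ;;
    esac
}

# effective_action KEY DEFAULT FILE...
# Prints the last uncommented assignment of KEY, or DEFAULT if there is none.
effective_action() {
    key=$1; value=$2; shift 2
    for f in "$@"; do
        [ -r "$f" ] || continue
        v=$(sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p" "$f" | tail -n 1)
        [ -n "$v" ] && value=$v
    done
    printf '%s\n' "$value"
}

# audit_logind FILE...
# Prints one RISK line per setting that resolves to a RAM-powered action and
# returns 1 if any was found. logind defaults to "suspend" for the lid switch
# and suspend key; the external-power lid setting follows HandleLidSwitch.
audit_logind() {
    risky=0
    lid=$(effective_action HandleLidSwitch suspend "$@")
    ext=$(effective_action HandleLidSwitchExternalPower "$lid" "$@")
    skey=$(effective_action HandleSuspendKey suspend "$@")
    for pair in "HandleLidSwitch=$lid" "HandleLidSwitchExternalPower=$ext" "HandleSuspendKey=$skey"; do
        if is_ram_powered_action "${pair#*=}"; then
            echo "RISK: $pair keeps RAM powered"
            risky=1
        fi
    done
    return "$risky"
}

# Usage: audit_logind /etc/systemd/logind.conf /etc/systemd/logind.conf.d/*.conf
```

A clean result means the lid switch and suspend key resolve to `hibernate`, `poweroff` or another action that is not a form of suspend; it says nothing about idle-timeout sleep or firmware passwords, which need their own checks.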
