Silk Road forums

Discussion => Security => Topic started by: SimplyTheBest1 on March 07, 2013, 01:59 pm

Title: Cold Boot Attack
Post by: SimplyTheBest1 on March 07, 2013, 01:59 pm
CBA can crack Androids too now.


http://www.forbes.com/sites/andygreenberg/2013/02/14/frost-attack-unlocks-android-phones-data-by-chilling-its-memory-in-a-freezer/

https://citp.princeton.edu/research/memory
Title: Re: Cold Boot Attack
Post by: SelfSovereignty on March 07, 2013, 02:19 pm
WTF... "a useful tool for law enforcement?"  Are they insane?  Law enforcement buy devices that rip the entire contents of the phone in like, 5 minutes.  I don't think a fucking PIN lock is going to keep them out.

This entire article confuses me.  It confuses me because this is going to vary wildly by manufacturer, Android version, ROM installed, etc., etc., etc.. If you get the key to the encrypted disk, boom, you're in.  If you don't, you aren't.  That isn't being changed here.

I don't get what the big deal is.  So they got around a PIN.  Why's that news worthy.
Title: Re: Cold Boot Attack
Post by: kmfkewm on March 07, 2013, 02:40 pm
Cold boot attack works against RAM no matter what device the RAM is in.
Title: Re: Cold Boot Attack
Post by: Jediknight on March 07, 2013, 06:58 pm
One thing is for sure, the local police department doesn't have the resources to do this.  Maybe if its like Bin Laden or something . ..

This could work two ways, you could also load a phone with fake data and get 'caught' with it.  They would yank the fake data and start red herring their way to nowhere... Its a good thing actually ..  If they go through all that work to get in, they will surely think the data is legit on it.  They could incriminate themselves and botch an investigation with this fake data leading them to innocent people muuhooohhaaa  :-)

Jeese, the last few busts around my place were all taken from one asshole's cel phone records.  They nabbed about 7 people all from one cel phone.  Previous txt messages did them in.  Warrants were issued based on that data alone.
Title: Re: Cold Boot Attack
Post by: astor on March 08, 2013, 03:20 am
Cold boot attack works against RAM no matter what device the RAM is in.

But kmf, I've heard a lot of people say that CBA doesn't work against DDR3. What's your opinion?
Title: Re: Cold Boot Attack
Post by: anonom on March 08, 2013, 11:21 pm
WTF... "a useful tool for law enforcement?"  Are they insane?  Law enforcement buy devices that rip the entire contents of the phone in like, 5 minutes.  I don't think a fucking PIN lock is going to keep them out.

This entire article confuses me.  It confuses me because this is going to vary wildly by manufacturer, Android version, ROM installed, etc., etc., etc.. If you get the key to the encrypted disk, boom, you're in.  If you don't, you aren't.  That isn't being changed here.

I don't get what the big deal is.  So they got around a PIN.  Why's that news worthy.

Yeah, SS is absolutely right. Why bother with coldboot attack ?

There is softwares, toolkits and other simple tools that can do deeps forensics analysis of any given standard android devices. Probably just as easy on Apple devices too.

The cold boot attack is for me like a "last resort" way to gather some useful data. Most of the time the SD/card flash memory will already provides tons of information on it's own.
Title: Re: Cold Boot Attack
Post by: CrazyBart on March 08, 2013, 11:27 pm
Cold booting is dumb. If anyone has access to your phone/computer for the time that a CBA takes, you might as well considered yourself fucked no matter what
Title: Re: Cold Boot Attack
Post by: kmfkewm on March 12, 2013, 04:59 pm
Cold boot attack works against RAM no matter what device the RAM is in.

But kmf, I've heard a lot of people say that CBA doesn't work against DDR3. What's your opinion?

I actually asked a forensics expert about this. He said that CBA doesn't work against DDR3 unless the memory is frozen. Unlike DDR2 etc DDR3 has its state decay very rapidly, so you cannot quickly restart the machine and boot up into a forensics live OS, or remove the RAM and put it into a forensics laptop. But the rate of its state decay is still slowed by freezing it, so provided you freeze it the attack is still feasible. CBA doesn't always inherently involve freezing the RAM, but in cases where the RAM is frozen it is still applicable to DDR3.
Title: Re: Cold Boot Attack
Post by: astor on March 12, 2013, 07:47 pm
So in other words, COLD boot attacks work against DDR3. :)
Title: Re: Cold Boot Attack
Post by: kmfkewm on March 13, 2013, 12:53 pm
So in other words, COLD boot attacks work against DDR3. :)

Yep pretty much. Cold boot attacks don't work but cold cold boot attacks do :P.