Also some other points: A. They don't need to carry in a vat of liquid nitrogen they just need a can of compressed air held upside down B. 128 bit encryption is very secure, most algorithms are designed for 128 bit security in the first place and then extended to 256. In some cases 128 is even more secure than 256 due to issues that arise with the key scheduling of 256 bits. 256 is more quantum resistant though. A classical computer is not going to pwn 128 bit any time soon though. C. The best defense from a cold boot attack is to encapsulate the memory in some material that needs to be removed before they can dump it in a forensics laptop, and use chassis intrusion detection hardware that immediately shuts down into a memory wipe when they case is opened D. If you are identified in the first place you are relying on your attacker being retarded, there are a billion ways to steal passphrases and keys and FDE is only going to protect you if your attacker doesn't know what they are doing