Security data on the device is still obtained from RAM

An important file that has the password can still be revealed because the attacker only needs to cut off the power of the machine, turn it back on and then boot with a USB drive or iPod that can copy the file contents still saved Random access memory RAM.

A group of researchers at Princeton University (USA) said that even if this data is stored in an encrypted hard drive, it could be lost. The problem called this "cold-boot attack" is being discussed by Usenix Security Conference.

Security data on the device is still obtained from RAM Picture 1
Images depicting RAM data disappear after 30 seconds, 60 seconds and 5 minutes,
when RAM is in normal state. Photo: CNet .

Security data on the device is still obtained from RAM Picture 2
But just spraying liquid nitrogen into RAM can prolong data loss time.

Normally, data on RAM will fade over time from seconds to minutes after the power is cut. But this time is enough for the owner to read them, including the key and the content, after rebooting the computer into another operating system or removing the memory chip and then placing it on another computer.

It is worth noting that the attacker can extend the time of data loss on RAM by cooling the memory chip by spraying compressed air into it (gas in a spray bottle or used to clean the computer keyboard) in when the machine is running. Liquid nitrogen will cause the chip to hold data for a few days so that hackers are comfortable with it.

" The forms of encryption in use are not steel shields for user data ," said team leader J. Alex Halderman. " Therefore, organizations and individuals who are too confident in disk encryption need to pay more attention ."