http://www.forbes.com/sites/andygreenberg/2013/02/14/frost-attack-unlocks-android-phones-data-by-chilling-its-memory-in-a-freezer/
--
Unsubscribe, change to digest, or change password at:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
This is a good illustration how data in use is exposed to physical attacks
on most computing devices.
An interesting side-note is that Android phones are starting to ship with a
hardware security module (HSM), which can be used for crypto operations and
key storage. Duo Security is one company
Thanks Steve,
Any idea why the researchers would posit that iOS devices may be less
susceptible?
Brian
On Thu, Feb 21, 2013 at 10:08 AM, Steve Weis stevew...@gmail.com wrote:
This is a good illustration how data in use is exposed to physical attacks
on most computing devices.
An
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2/21/13 10:32 AM, Brian Conley wrote:
Any idea why the researchers would posit that iOS devices may be
less susceptible?
Not sure if this is what they have in mind, but this particular
technique requires a battery pop to get into fastboot mode,
hrm, also true for the newest line of google nexus i believe.
On Thu, Feb 21, 2013 at 10:37 AM, Parker Higgins par...@eff.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2/21/13 10:32 AM, Brian Conley wrote:
Any idea why the researchers would posit that iOS devices may be
Brian Conley:
hrm, also true for the newest line of google nexus i believe.
In any phone where one might be able to open the case, I assume someone
will also just be able to tap the bus lines. Thus, the easy route
(booting off of a special image) might not be simple but these devices
aren't
Always trust Jake to cut right to the bare honest ugly (and depressing!)
truth.
thanks!
B
On Thu, Feb 21, 2013 at 10:48 AM, Jacob Appelbaum ja...@appelbaum.netwrote:
Brian Conley:
hrm, also true for the newest line of google nexus i believe.
In any phone where one might be able to open
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 21/02/13 18:32, Brian Conley wrote:
Any idea why the researchers would posit that iOS devices may be
less susceptible?
iOS has several classes of encrypted storage. For the
NSFileProtectionComplete class, the class key that protects the
Brian Conley:
Always trust Jake to cut right to the bare honest ugly (and depressing!)
truth.
If you really want to be depressed about mobile security, I encourage
you to acquire the cellebrite UFED forensics device:
http://www.cellebrite.com/mobile-forensic-products/ufed-touch-ultimate.html
On Thu, Feb 21, 2013 at 2:08 PM, Jacob Appelbaum ja...@appelbaum.netwrote:
It seems like one of the few times the use of something like TRESOR
would improve:
http://www1.informatik.uni-erlangen.de/tresor
TRESOR looks very interesting! I wonder what's preventing its kind of
techniques from
TRESOR uses debug registers and only protects key material. It doesn't
protect the code that actually reads that key in or out of the register,
nor any of the data that is actually decrypted with the key. So, it
provides protection just for keys against passive, read-only attacks
against memory.
11 matches
Mail list logo