Don’t Freeze Your Ice Cream SandwichAdded: Sunday, March 24th, 2013
Category: Bit Torrent Freedom > The Industries Of Records, Gaming, Software, Movies
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extratorrent.com
German security researchers have found out some ways to make the Android phone with Ice Cream Sandwich talk. It turned out that if you torture an Android phone by freezing it you will be able to get around the encryption system which protects the information.
Google has recently introduced the data scrambling system with the Android version called Ice Cream Sandwich. Insecurity researchers at Erlangen’s Friedrich-Alexander University tried to understand what would happen if they put an Ice Cream Sandwich in the freezer. They revealed that the OS didn’t like it at all and this move allowed the experts to get at contact lists, browsing histories and images.
Although it’s great for law enforcement and forensics workers, it is not for ordinary users who put some trust in their phones to give them a little bit of privacy. Ironically enough, researchers Felix Freiling, Tilo Muller and Michael Spreitzenbarth called their technique FROST, which stands for Forensic Recovery Of Scrambled Telephones.
Apparently, all they had to do was chill the cell phone to -10C to force it spill any secrets it was asked. The researchers found out that quickly connecting and disconnecting the battery of a frozen phone switched the device into a vulnerable mode.
This flaw let the experts start it up with some custom-built software instead of its onboard Android OS. FROST helped the researchers copy information on a phone which then could then be analyzed on another computer. The matter is that in case the phone was chilled, information would fade from its memory much more slowly, which allowed the researchers to extract the encryption keys and speed up unscrambling the contents of a device.
The experiment was made with a Samsung Galaxy Nexus phone, but it seems that any Android cell phone with the encryption system is vulnerable. This approach has also been tried on desktop computers and laptops earlier. The hopes were that it would work better on phones because they are smaller and don’t require a big refrigerator.
At the moment, the German research group is developing defences against this approach which would ensure that encryption keys are never put on memory chips that are more vulnerable to cold.
March 24th,2013Posted by:
Sunday, March 24th, 2013
|The theory must go that if I put my phone in an oven at 200 degrees the info will leak so quickly that my details will be safeguarded!!!!!!! Too much time on these peoples hands........LOL|
|mcguyver could definitely use this info!|
|posted by (2013-03-25 17:23:53)|
|Phones use static memory, meaning the memory doesn't fade when power is removed. Why would chilling the phone to -10c matter?|
|@ #3 My sentiments exactly !!!!!!!|
|posted by (2013-03-26 03:32:54)|
|I remember reading about using a similar, freezing technique to get at encrypted info. These guys just applied it to Android.|
Frightening. I guess the lesson here is to not rely on other people, companies, or the government to preserve your right to privacy. You have to do it yourself. In the case of Android, you'd have to look at using an app with a strong encryption algorithm, which has been rated well. LUKSManager and Cryptonite are two such apps, but you need a rooted phone before you can start.
There's also TextSecure and RedPhone, which are excellent. If they made a whole disk encryption app, I would use it for sure. Their current apps are the next, best thing. Especially for texting.
|posted by (2013-03-26 08:07:27)|
|@lol66 & Skaterz4life freezing the phone slows down the loss of the memory contents.|
|posted by (2013-03-26 18:36:37)|
Right, but static memory doesn't lose it's contents ever. Hot, cold in between the memory does not lose it's content.
|the government is not going to allow more encryption than they can get through.|
look back with the netscape 128 bit encryption, when it wasn't allowed to be downloaded from outside the US.
once it wasn't able to stop them, it was released to the world to use.
and yes there is a limit to how long static memory can remain without a refresher charge...
its not like its a prom that is burned, its a memory that holds its contents wit a very small voltage, usually on a capacitor, and that is not forever.
|posted by (2013-03-27 07:18:43)|
|@lol66 The static memory is only used for storage, phones still use RAM which gets reset when you pull the battery. For instance the Galaxy S3 has 2GB RAM then you get to choose the storage be it 16/32/64GB of static memory.||
Most Popular Stories