Tuesday, March 4, 2008

Cold Boot Encryption Attack goes Open Source

If you've been reading along you'll be familiar with the cold boot/RAM harvesting encryption key attack that came to light a few weeks ago. Originally, researchers from Princeton posted a video highlighting their work in harvesting encryption key information from RAM. If you haven't been following along, take the time to watch the video and then read here and here for our write-up.

As predicted, a tool has been released into the wild to harvest RAM data from Microsoft Windows computers. The McGrew Security RAM Dumper is not a script-kiddie-friendly tool; however, with a little work and the instructions provided, you too can grab the contents of RAM and run.

In the end, tools like this will become more readily available and used more often to expose what we would prefer to keep confidential. As the adage goes, "If the bad guys get their hands on your computer, it's not your computer any longer."
