The Naked Scientists

The Naked Scientists Forum

Author Topic: A potential computer data security risk: cooling the DRAM  (Read 3617 times)

Offline engrByDayPianstByNight

  • Sr. Member
  • ****
  • Posts: 105
    • View Profile
There is an article in today's New York Times. The Princeton researchers find that when cooling the DRAM in the laptop immediately after it's powered off, you can keep the data stored in DRAM intact for a few hours, which provides ample time for potential data theft.

Furthermore, there is a video clip from the Princeton group in the following URL for the demo:

http://citp.princeton.edu/memory/

There's also a technical paper on that website if anybody's interested.


 

another_someone

  • Guest
A potential computer data security risk: cooling the DRAM
« Reply #1 on: 22/02/2008 16:45:51 »
While interesting, does it really increase the threat significantly.  The problems with residual memory have always existed, if not in DRAM, then in the swap files most modern  operating systems use.

The only way out of this is if the shutdown procedure zeroed out all memory before shutting down - but even that would not work if you had an improperly shut down system (and would annoy users who don't want to wait for a clean shutdown).

The reality is that anyone who can physically get to your machine represents some degree of security risk, and that ultimately is unavoidable (although you can do some things to reduce the risk, but many of those things will hit the performance of the system).  Ultimately, the physical security of the system must be regarded as part of the overall information security issue.
« Last Edit: 22/02/2008 17:27:31 by another_someone »
 

Offline engrByDayPianstByNight

  • Sr. Member
  • ****
  • Posts: 105
    • View Profile
A potential computer data security risk: cooling the DRAM
« Reply #2 on: 22/02/2008 17:04:28 »
I agree with you, another_someone. I also doubt it would significantly increase the chance of data security threat. This is a very interesting academic problem. I'm not a CS major, but I know this problem has been known for quite some time. But this paper (and the video demo) is interesting in that they have done a very good job demonstrating how data security is compromised with great clarity and simplicity.

Their technical paper, which I started reading, discussed a few more things that were not sufficiently explained in the NYTimes article.   
 

The Naked Scientists Forum

A potential computer data security risk: cooling the DRAM
« Reply #2 on: 22/02/2008 17:04:28 »

 

SMF 2.0.10 | SMF © 2015, Simple Machines
SMFAds for Free Forums