• 0

FROST: Forensic Recovery Of Scrambled Telephones  www1.informatik.uni-erlangen.de

2016-01-05 03:25:51 in Information Security (InfoSec) by Red Letter Security

"We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung. To break disk encryption, the bootloader must be unlocked before the attack because scrambled user partitions are wiped during unlocking. However, we show that cold boot attacks are more generic and allow to retrieve sensitive information, such as contact lists, visited web sites, and photos, directly from RAM, even though the bootloader is locked."