Make no mistakes about it, your lockscreen is good at keeping honest people honest, but a truly dedicated thief is bound to find his way around it. One of the wilder ways to do so has recently been demonstrated by researchers who cracked through a Galaxy Nexus’s security by throwing it in a freezer.
The technique is called “cold-booting” and it’s been around as a computer hacking process for years. Thanks to RAMs tendency to hold onto little bits of data for just a small period of time, hackers can boot devices into other operating systems for nefarious purposes if they can turn a device off and on fast enough. That’s where the freezer comes in.
By putting the target phone — in this case, a Galaxy Nexus — in a freezer, researchers at Erlangen University in Germany found they could make the RAM retain data for five or six seconds instead of one or two. Turns out that’s just enough time to shut off the device, get it back up and running in fastboot mode, and steal the remnant data from the RAM with a special toolkit fittingly called FROST (Forensic Recovery of Scrambled Telephones). With that remnant data, they could then bypass the lockscreen with no problems, getting full access to the phone.
Fortunately, there are a bunch of requirements for such an attack. For one, the phone has to have a removable battery so it can be shut down fast enough. And it also has to have an unlocked bootloader. And, obviously, thieves need extended physical access to your phone to pull this off. Even if your phone doesn’t meet all those criteria, this little trick serves as a valuable reminder: don’t rely on the lockscreen for total security. There are always ways around it. [Ars Technica]