Most Sleeping Laptops Vulnerable to Cold Boot Attacks

Cold boot attack leaves Apple and Microsoft systems vulnerable to data theft

According to security firm F-Secure, nearly every computer is vulnerable to this type of attack.

Disk encryption might not always protect your data if someone steals or even just "borrows" your computer, thanks to a new "cold boot" hardware attack technique discovered by researchers at Finnish cybersecurity firm F-Secure.

Most computers now include a safety measure that sees it removes the data stored on RAM to prevent hackers from stealing sensitive information.

But Segerdahl and researchers from F-Secure said they've found a way to disable that safety measure and extract data using cold boot attacks. "And since this type of threat is primarily relevant in scenarios where devices are stolen or illicitly obtained, it's the kind of thing an attacker will have plenty of time to execute", explained Segerdahl, principal security consultant at F-Secure.

The weakness allows attackers with physical access to a computer to perform a cold boot attack - an attack that's been known to hackers since 2008. This type of attack resets a computer forcefully and then steals the leftover data in the RAM.

"The attack exploits the fact that the firmware settings governing the behaviour of the boot process are not protected against manipulation by a physical attacker", F-Secure wrote in a blog post.

More news: Stare Down from Space into the Churning Maw of Hurricane Florence

Using a simple hardware tool, an attacker can rewrite the non-volatile memory chip that contains these settings, disable memory overwriting, and enable booting from external devices.

Modern laptops overwrite RAM specifically to prevent attackers from using this method to steal data.

F-Secure says that laptops from Apple, Dell and Lenovo are vulnerable to the modified attack, and said it's notified Microsoft, Intel and Apple about the problem so they can get to work on a fix. Sweden, and will be presented again September 27 at the BlueHat security conference on the Microsoft main campus in Redmond, Washington.

The first cold-boot attack was developed a decade ago. "And when you have a security issue found in devices from major PC vendors, like the weakness my team has learned to exploit, you need to assume that a lot of companies have a weak link in their security that they're not fully aware of or prepared to deal with".

Their attack works on computers in sleep mode, since shut down and hibernation actions cut off the power, and cause the residual memory to quickly degrade beyond recovery. One approach is to configure laptops to automatically shut down or hibernate instead of entering sleep mode and require users to enter the Bitlocker PIN each time Windows boots up or restores. "This is especially important for company executives (or other employees with access to sensitive info) and employees that travel (who are more likely to leave their laptops in hotel rooms, taxi cabs, restaurants, or airports)".

Apple responded by pointing to the latest generation of Macs, which have the T2 chip that do the encryption separately from the CPU and makes such an attack more hard to execute.

Related News:

  • Fears as Hurricane Florence nears USA coast

    Workers are being brought in from the Midwest and Florida to help in the storm's aftermath, it said. Utility companies said millions were expected to lose power and restoration could take weeks.
    NY Times: Chinese Might Face Human Rights Sanctions

    NY Times: Chinese Might Face Human Rights Sanctions

    In the camps, the Uighurs are reportedly forced to learn Mandarin Chinese, espouse the Communist party and denounce Islam. In the report, HRW documents the increasing government control over the 13 million Muslims living in Xinjiang.
    Scientists discover three new sea creatures in depths of the Pacific Ocean

    Scientists discover three new sea creatures in depths of the Pacific Ocean

    Located off the coasts of Peru and Chile, the 3,700-mile long (6,000 km) Atacama Trench bottoms out at 26,460 feet (8,065 metres). Apart from snailfish, they also found various freakish creatures in the environment such as long-legged isopods or Munnopsids .
  • Hurricane Florence weakens, but still a strong flood threat

    While Florence is no longer considered a major hurricane, its reach has expanded, threatening residents from Georgia to Virginia. Elder relatives carry as much weight as meteorologists in a tight-knit community of slave descendants on the SC coast.

    Hurricane Florence weakens to Category 1 storm

    Cooper said 108 shelters are open across the state, with more than 7,000 people already staying at them, as of Thursday afternoon. Ken Graham, director of the hurricane center, said on Facebook the storm surges could push in as far as 3 kilometers (2 miles).

    Hurricane Florence Downgraded To Category 2 Storm, Still Concerned Life-Threatening

    Surge-related flooding depends on the relative timing of the surge and the tidal cycle, and can vary greatly over short distances. The port in Charleston, South Carolina, though, was suspending operations from Thursday through Saturday and possibly on Sunday.
  • Hurricane Florence likely to affect southeast United States  energy infrastructure

    Hurricane Florence likely to affect southeast United States energy infrastructure

    The NHC notes that amount of rainfall would "produce catastrophic flash flooding and prolonged significant river flooding". People in areas vulnerable to the unsafe hurricane, particularly those in coastal regions, have fled ahead of the storm.
    Facebook's 'Rosetta' AI can extract text from a billion images daily

    Facebook's 'Rosetta' AI can extract text from a billion images daily

    Asus Days Sale: Get Asus Max Pro 1 Smartphone at Rs 10,499 + Extra Exchange Value Up to Rs 3,000 Exclusively on Flipkart. Memes have become a great source to entertain people, convey a message or any other goal on the social media platform.
    How Arsenal could line up against Newcastle United

    How Arsenal could line up against Newcastle United

    Following talks over the worldwide break, Emery claims the two are getting on and have a good working relationship. I want to push them, I want to be demanding to prepare this match - Mesut the same'.
  • Nawaz Sharif's Wife Kulsoom Nawaz's Body Reaches Lahore, Funeral Tonight

    Nawaz Sharif's Wife Kulsoom Nawaz's Body Reaches Lahore, Funeral Tonight

    The Pakistan Tehreek-e-Insaf and Pakistan Peoples Party's delegations will attend the funeral prayers, Geo News reported. The family is now meeting people in Jati Umra, who have come to pay homage to Begum Kulsoom.
    The Nintendo Switch just became a Final Fantasy machine

    The Nintendo Switch just became a Final Fantasy machine

    As for the rest of the event, Nintendo covered plenty more ground, most of which touched on previous announcements. Unbeknownst to Noctis, however, the journey ahead is fraught with perils...
    CLOSINGS: Several schools close ahead of Hurricane Florence

    CLOSINGS: Several schools close ahead of Hurricane Florence

    Matthews Motors is using its cars to hopefully shield the business from Hurricane Florence's devastation. Workers are being brought in from the Midwest and Florida to help in the storm's aftermath, it said.


Most liked

Wind approaches outer banks of North Carolina
More than a million people along the coastlines of North Carolina, South Carolina and Virginia have been ordered to evacuate. Already Thursday, streets were transformed into raging streams and massive waves surged along the Outer Banks.

FDA mulls ban on flavored e-cigarettes
In other cases, such as when adult smokers use them to quit smoking, they offer an opportunity to reduce smoking-related illness. The FDA is dealing with a lawsuit from some public health groups for delaying until 2022 certain rules of electronic cigarettes.

New England Patriots: Health of Leonard Fournette is crucial in Week 2
Fournette, who jogged on the side at practice Thursday afternoon, said he liked his chances to play Sunday. "It's definitely the most important game of my life", said Jack .

Erdogan: Turkey came under 'economic attack' after USA statements
TRT World journalist Mobin Nasir has the latest on the Turkish central bank's decision to increase interest rates to 24 percent. The rate hit the lowest level in two weeks.

Not even Jalen Ramsey's grandmother is safe from his trash talk
Jaguars cornerback Jalen Ramsey said last month that Patriots tight end Rob Gronkowski is "overrated", and he's not backing down. I'm very confident in all of my teammates on the defensive side of the ball. "I'll do my job and hold it down when I'm there".

Landslide crashes on to tourist beach on Zante
Rescue teams with sniffer dogs have reportedly been dispatched to help local authorities search for the missing. He said: "I thought more was coming and I just started running".

Are butter, cheese and whole milk really good for you?
A new research challenges the widely held belief that those who consume less full fat are at higher risk of heart disease . Those in the high-intake group had lower total mortality rates compared to the no-intake group (3.4% vs 5.6%).

Justin Bieber and Hailey Baldwin literally just got married
At one point the "crying" popstar allegedly told his fiance of two months "I can't wait to marry you, baby ". We will just have to wait and see! "I think he made a conscious choice for himself to change", Braun said.

Celtics release statement addressing Jabari Bird arrest
Drafted with the 58th pick in 2017, Bird spent most of last season with the Maine Red Claws, the Celtics G-League affiliate. According the the police report , the victim suffered internal bleeding behind her ear in addition to cuts and bruises.

Apple iPhone XS, XS Plus Launch date confirmed!
The "s" cycle would make more sense, since Apple has done it every other year, until the transition between the iPhone 7 and 8. The battery of the iPhone XS Max, on the other hand, maybe 25% bigger than that of the iPhone X, according to Ming-Chi Kuo.

Developing Story | Pope Francis meets with bishops about the abuse crisis
House Speaker Paul Ryan (R-WI) commented Thursday on the sexual abuse and cover-up scandal that is rocking the Catholic church. The Vatican is grappling with claims that the leader of the Catholic Church helped cover up an American cardinal's misconduct.

E-cig makers have 60 days to show they aren’t targeting minors
The FDA will also look closely at "straw purchases", in which adults visit web-based stores and buy in bulk to resell to minors. Juul, a private company, represents 72 percent of sales, according to Nielsen data compiled by Wells Fargo analyst Bonnie.

FCC Pauses Proposed Sprint-T-Mobile Merger
He says it appears to incorporate new logic, methodologies, facts, and assumptions, something that can't be reviewed quickly. T-Mobile and Sprint have "extended" a network engineering model that was originally submitted as a backup plan.

Pauline Hanson calls girl 'brat' who doesn't stand for national anthem
Harper was given detention last week as a result of her defiance but the punishment has not seemed to phase her. Shock jock Alan Jones and controversial commentator Mark Latham said Harper was "defying the school".

Assassin’s Creed Odyssey Cloud Version Coming to Switch
Weekly and daily "contracts" will be handed out, and players will have to track down an epic mercenary or ship to defeat. Both games come with higher resolution textures, a new graphics engine and support for 4K and HDR.