This specification is widely known as MORLock (Memory Overwrite Request Control).
“Trusted Computer Group”, a consortium that’s formed by AMD, Intel, IBM, HP (Hewlett-Packard) and Microsoft decided to overwrite the RAM content when the computer gets back to power. Despite this fact, computer manufacturers ensured to implement a protection against it. Instead, high value persons are the target. As it requires physical access, general users aren’t the normal target of the crooks. The side-channel attack “cold-boot” has been around for years. RAM is a volatile memory that loses all its data without power, right? If you can cool the RAM down fast enough, you’re successful in enabling the RAM to hold those data for minutes! That’s what some security researchers figured out and demonstrated the deadliness of this cold-boot attack.
Steal any password software#
The attack successfully exploits the weakness in how the computers protect the low-level software that’s responsible for performing all the interactions with the RAM.
The data may include encryption keys, even after the power loss. It depends on the memory behavior of the system memories to extract sensitive information out of the system’s RAM. This is a type of side-channel attack that, for performing on any system, requires physical access to the machine.
0 kommentar(er)
