Protection against a Cold Boot Data Attack

You might have heard about the new technique for getting data off of an encrypted hard disk by freezing the memory on the computer. (You can do your own Google to find more details.) The story has hit mainstream press.

Am I worried? Only if someone physically gets to my computer, just after a power-down (or hibernate).

Protection? Several choices — the ones you use depend on the confidentiality of your data (or your activities on the computer):

– encrypt files / folders as well as the entire hard disk
– keep the computer physically secure to prevent theft; don’t use sleep or hibernate
– power off the computer, don’t use hibernate. By the time you get out the door, the data in RAM will ‘bleed off’.

Risky places? Try hotels, conferences, going through customs (did you know that your computer can be inspected — or even siezed — by Customs?), any place where your computer is not under your total physical control.

And ‘safe computing practices’ will also help. Add to those the physical security of your system and data. And that includes USB thumb drives.

Leave a Reply

Name and email are required. Your email address will not be published.