If you thought setting a password or pattern-protected lockscreen on your Android device was enough to keep your private data from leaking out, should your phone fall into the wrong hands, think again! In fact, it turns out that all that it takes to to crack that lock wide open and break through your phone security is a regular domestic freezer, a motivated hacker, and of course – your Android smartphone.
A group of researchers from Erlangen University, Germany have discovered a way of extracting the information that is stored on a smartphone’s RAM, irrespective of whether the device is secured by a lockscreen password. And even if the device storage memory happens to be encrypted. This trick, called cold-booting, is based on the concept of FROST, which is short for Forensic Recovery of Scrambled Telephones. It involves chilling the device down to about -15° Celsius or -5° Fahrenheit, which allows a hacker to take advantage of the RAM’s tendency to retain bits of data for a few seconds longer than it ordinarily would.
As part of their experiment, the researchers threw in a Galaxy Nexus into a freezer, and after a while found that the RAM actually retained data for a good 5-6 seconds. Now this happens to be more than just good enough for a reboot to bootloader mode, and deploying a special toolkit, FROST, to extract the remnant or residual data from the device RAM. Once that data is obtained, the lockscreen or any other encrypted/unencrypted data on the device such as images, emails, Wi-Fi passwords, text messages, browser history could be easily accessed from the phone memory! And not just that, even the keys that are used to decrypt and read encrypted storage content on the device could be found in some cases. Scary, isn’t it?
Incidentally, this method has been around for ages as a computer hacking process, and well, it would seem that it works just as effectively for smartphones too. Considering most modern-day mobile phone users rarely switch their phones off, the amount of data that is retained in the RAM can be considerable. Having said that, there are a few conditions that need to be met for a hack like this to be successful. For starters, the phone needs to be one with a removable battery. This is so that it can be powered off and back on fast enough to get to bootloader mode. So those with a Nexus 4 or a Droid DNA or for that matter, an iPhone, seem to be safe around freezers for now. The other requirement seems to be that the device have an unlocked bootloader, for the hacker to be able to read the contents of an encrypted storage disk or partition on the device.
Both conditions are not exactly something that would be met in case of most devices picked at random. Even so, this is a good reminder of how easily mobile phone security can be compromised given the right circumstances and skills, and oh – to reboot your phone often, just in case.