Posts Tagged ‘passwords’

Well here’s a video that I found very interesting (and shocking) of some Princeton students who developped a method to successfully retrieve disk encryption keys without any brute force or password cracking. What they used is a little-known feature of RAM – it takes a while to discharge – just enough to retrieve any information needed from it.

Most disk encryption systems store the key from the Trusted Platform Module (TPM) in the RAM once the user turns on the computer and logs in so that it can dynamically unencrypt any needed files. This leaves a huge security risk if you have a notebook and leave it on standby or lock it. This was especially scary for me, since I have a university-issued laptop and have disk encryption on it.

Well, enough talking, let’s get to the video already.

Quite interesting, isn’t it? Moral of the story – make sure you turn off your computer if you are concerned about security.