Thursday, February 21, 2008

HD Encryption can be defeated via DRAM vulnerability

Basically, the information stored in DRAM does not disappear instantly, it can take seconds to minutes for that information to fade. Which allows software from a special program to special operating system to retrieve the raw data out of this DRAM with out encryption. I would also assume a parasitic device could be placed on the DRAM module(s) to capture the unencrypted information. I would think that modifying the DRAM modules (at the factory) to shunt the memory would effectively fix the slow persistence of the data by actively draining the energy from the DRAM when it is supposed to be empty/off.

-- Tim Krabec

No comments: