Disk encryption not safe enough

http://blog.wired.com/27bstroke6/2008/02/researchers-dis.html

According to a new study from Princton, it is vulnerable to "cold boot attacks" because the RAM retains information for minutes after power off when they are cooled (see the CO2 canister in the picture), thus alowing the encryption information to be retrieved if the attacker have the computer in physical possesion.

 

Interesting...

 

It's not everyday that a computer hacker has physical access to your computer so this may be a little irrelevant.

 

Yes, but what about all those stolen laptops?

 

People should just keep a closer eye on their things instead of blaming everything else.

 

They should have a function that makes a notebook destroy itself if stolen. Or a gps that activates after 3 failed password attempts.

 

i was just chatting with livechat at lenovo and he said if the laptop is stolen no one can read the data

how come?

how come? i thought if he has access to the machine he will be able to read the data!

 

I guess if you work for the research department of a Fortune 500 company/an intelligence agency/NASA etc., your laptop might contain very interesting data.
In that case the whole "let's use CO2 within 3.25 minutes after we steal the laptop, containing $127.5 million worth of information, from the RAM"-question becomes valid.

If you are a college student/working in the average cubical, I don't think you have to worry that much about CO2 carrying laptop thieves that will load off your RAM.
Having your laptop (with an encrypted HD) stolen will be enough to feel bad.

 

I actually heard about this a while ago. It's interesting, but somebody would have to have access to your computer for a considerable amount of time to be able to get the information off of it.