Skip to main content
  1. Home
  2. Computing

Researchers Defeat HDD Encryption

By

While properly encrypted hard drives were thought to offer a challenge to even the most talented of hackers, a recent breakthrough has proven that even this extreme security measure possesses major vulnerabilities. On Thursday, a group of Princeton researchers revealed a creative exploit that allows common hard drive encryption software to be easily bypassed in minutes by anyone who has physical access to the computer.

While most new hacks and security vulnerabilities rely on software loopholes, the Princeton researchers actually exploited a property of computer hardware to snag encryption keys.  Since most encryption programs require users to enter their passwords only once at boot, they store an encryption key in RAM to decode the hard drive’s encrypted contents on the fly. Most software companies would not consider this a vulnerability, since the contents of DRAM are wiped clean without electricity, making the key seemingly impossible to steal.

Recommended Videos

But the Princeton researchers found that DRAM holds its contents for much longer without electricity than most people suspected, and developed a way to extend its life even further by freezing it with the spray from an upside-down can of air duster. When presented with a running but locked computer, researchers were able to preserve the memory with air duster, swap it to a different laptop, pull the encryption keys right out and read the encrypted drives.

Related

The team successfully cracked drives encoded by popular schemes including Microsoft Vista’s BitLocker and Mac OS X’s FileFault, along with dm-crypt and TrueCrypt. The only prospect for circumventing the Princeton attack procedure may be using an additional encryption string, which would be stored on a USB thumb drive or other removable media, and taken with the user when away from the laptop.

Editors' Recommendations

Nick Mokey
Nick Mokey
Managing Editor
As Digital Trends’ Managing Editor, Nick Mokey oversees an editorial team delivering definitive reviews, enlightening…
Does your Mac need antivirus software in 2024? We asked the experts
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

It’s an age-old question among Apple fans: Does your Mac need antivirus software? Traditionally, the popular answer has been no -- Macs have strong built-in protections, the argument goes, and antivirus apps can potentially slow down your computer. In the end, the trade-off didn’t seem to be worth it.

But is that still true today? After all, Macs are increasingly becoming a target of cybercriminals, with some Mac malware strains supposedly even being created by nation states. In that kind of situation, has the game changed?

Read more
These 6 tweaks take MacBooks from great to nearly perfect
The MacBook Air on a white table.

I love getting a new MacBook. The slow-opening box, the fresh install of macOS, even the enchanting new Mac smell (which people have been rhapsodizing about for decades) -- it’s all part of the experience.

But you know what? MacBooks don't arrive perfect out of the box. There are a few things that I always have to adjust, regardless of how powerful the laptop is. From changing the default apps to unlocking a few hidden extras, here are the first six things to do with your new MacBook before putting it to work.
Unlock some trackpad tricks

Read more
Don’t download the latest macOS Ventura update just yet
The 14-inch MacBook Pro with M3 Max chip seen from behind.

We have a warning if your MacBook or other Mac machine is still running macOS Ventura. The latest macOS Ventura 13.6.6 update is bringing a lot of big bugs, and it is affecting the way that people are using their favorite Apple products, so you might want to hold off on downloading the update.

Originally released back on March 25, this problematic update came at the same time as macOS Sonoma 14.4.1, which patched issues with Java, USB hubs, and more. Unfortunately, though, macOS Ventura 13.6.6 is introducing some new issues of its own. Spotted by the folks at GottaBeMobile, Mac users have taken to Apple's support forums to complain of everyday issues linked to this release that are breaking their Macs.

Read more