Security flaw on modern PCs could leave your encrypted data exposed

MacBook Pro 15
Malarie Gokey/Digital Trends

A vulnerability on most modern PCs and Macs could leave your data exposed. Cybersecurity researchers at F-Secure discovered a weakness in the firmware of most modern computers could allow hackers access to encryption keys and other sensitive data.

Access to sensitive data is gained through a 2008-style cold boot attack, where the hacker forces a computer to restart without going through the normal shutdown process. The computer’s data is briefly accessible in the RAM after power is lost, but many modern devices overwrite the RAM to prevent unauthorized access to data during this type of attack. Researchers discovered that there is a way to disable the overwrite process, essentially reviving the decade-old method of attack.

“The attack exploits the fact that the firmware settings governing the behavior of the boot process are not protected against manipulation by a physical attacker,” F-Secure wrote in a blog post. “Using a simple hardware tool, an attacker can rewrite the non-volatile memory chip that contains these settings, disable memory overwriting, and enable booting from external devices. The cold boot attack can then be carried out by booting a special program off a USB stick.”

Despite the seriousness of the findings, the vulnerability may not be as damaging given that to carry out this exploit, hackers would need physical access to your device. If a hacker has physical access, the exploit can be conducted in approximately five minutes, researchers cautioned.

F-Secure shared its findings with Microsoft, Apple, and Intel, but given that physical device access is required for this type of attack, it doesn’t appear that a fix may be coming soon. Newer Mac systems with a T2 chip aren’t affected by this attack, and Microsoft claims that enabling pre-boot authentication with a PIN or startup key with BitLocker could help mitigate these risks. These more advanced security tactics, however, aren’t available to general consumers who run Windows 10 Home edition.

“Unfortunately, there is nothing Microsoft can do, since we are using flaws in PC hardware vendors’ firmware,” F-Secure principal security consultant Olle Segerdahl told TechCrunch. “Intel can only do so much, their position in the ecosystem is providing a reference platform for the vendors to extend and build their new models on.”

Wearables

Omron HeartGuide brings blood pressure monitoring to your wrist

High blood pressure leads to heart attacks, strokes, and many other health problems, so it's important to keep an eye on. Omron's HeartGuide is a fitness tracking watch that can also monitor your blood pressure from your wrist.
Gaming

Can't stand keyboard gaming on PC? Here's how to use a PS3 controller instead

Properly connecting a PlayStation 3 Controller to a PC is no easy task, especially when you opt for third-party peripherals. Thankfully, our guide will help you through the process.
Gaming

How you can give your PS4 a fresh start with a factory reset

Learn the many ways you can factory reset your PS4. From reverting your settings to factory to doing a full wipe and reinstalling the latest PlayStation firmware, we cover it all here, step by step.
Computing

Hackers are scoring with ransomware that attacks its previous victims

Computer viruses are always evolving. In a new one, dubbed "Ryuk," hackers are targeting PCs with ransomware that scours an infected network in order to pinpoint and attack and enterprises with big money.
Computing

It's not all free money. Here's what to know before you try to mine Bitcoin

Mining Bitcoin today is harder than it used to be, but if you have enough time, money, and cheap electricity, you can still turn a profit. Here's how to get started mining Bitcoin at home and in the cloud.
Computing

Need a free alternative to Adobe Illustrator? Here are our favorites

Photoshop and other commercial tools can be expensive, but drawing software doesn't need to be. This list of the best free drawing software is just as powerful as some of the more expensive offerings.
Emerging Tech

Awesome Tech You Can’t Buy Yet: camera with A.I. director, robot arm assistant

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Computing

What is fixed wireless 5G? Here’s everything you need to know

Here's fixed wireless 5G explained! Learn what you need to know about this effective new wireless technology, when it's available, how much it costs, and more. If you're thinking about 5G, this guide can help!
Computing

Fix those internet dead zones by turning an old router into a Wi-Fi repeater

Is there a Wi-Fi dead zone in your home or office? A Wi-Fi repeater can help. Don't buy a new one, though. Here is how to extend Wi-Fi range with another router you have lying around.
Computing

Heal your wrist aches and pains with one of these top ergonomic mice

If you have a growing ache in your wrist, it might be worth considering ergonomic mice alternatives. But which is the best ergonomic mouse for you? One of these could be the ticket to the right purchase for you.
Gaming

These are the best indie games you can get on PC right now

Though many indie games now come to consoles as well, there's still a much larger selection on PC. With that in mind, we've created a list of the best indie games for PC, with an emphasis on games that are only available on PC.
Apple

Want a MacBook that will last all day on a single charge? Check these models out

Battery life is one of the most important factors in buying any laptop, especially MacBooks. Their battery life is typically average, but there are some standouts. Knowing which MacBook has the best battery life can be rather useful.
Computing

Want a Dell laptop with an RTX 2060? Cross the new XPS 15 off your list

The next iteration of Dell's XPS 15 laptop won't come with an option for an RTX 2060, according to Alienware's Frank Azor. You could always opt for a new Alienware m15 or m17 instead.
Computing

Always have way too many tabs open? Google Chrome might finally help

Google is one step closer to bringing tab groups to its Chrome browser. The feature is now available in Google's Chrome Canady build with an early implementation that can be enabled through its flag system.