Researchers bypass Android encryption by exposing phones to freezing temperatures

Posted:
in iPhone edited January 2014
Security researchers in Germany have discovered that physically freezing an Android smartphone can grant access to encrypted data.

Frost
Researchers freezing a Galaxy Nexus, via Friedrich-Alexander University.


Google's encryption method, which has been a part of Android since the "Ice Cream Sandwich" release, was bypassed by exposing a smartphone to freezing temperatures for an hour, according to the BBC. After that time period, researchers were able to access previously encrypted contacts, browsing histories, and photos.

The test was conducted by researchers from Friedrich-Alexander University in Germany with Samsung Galaxy Nexus handsets, and the phones were cooled to 10 degrees below zero Celsius. Then the battery was quickly disconnected and reconnected, placing the handset into a vulnerable mode.

"This loophole let them start it up with some custom-built software rather than its onboard Android operating system," the report said. "The researchers dubbed their custom code Frost ? Forensic Recovery of Scrambled Telephones."

Frost
The "FROST" hack in action, via Friedrich-Alexander University.


The strange and involved process of bypassing Android encryption is not likely a concern to end users of Android devices, but could be an issue for corporations and governments that carry highly sensitive information on mobile devices. The researchers said that while they tested their methods with the Galaxy Nexus, other Android phones are also likely to be vulnerable.

Freezing the phone reportedly aids in the hacking of Android because the low temperatures cause data to fade from internal chips more slowly. Researchers used this phenomenon to obtain encryption keys and unscramble the phone's encrypted data.
«13

Comments

  • Reply 1 of 55
    tallest skiltallest skil Posts: 43,388member


    And now the spin: "Apple phones just break when they're that cold! At least Android keeps working!"

  • Reply 2 of 55
    solipsismxsolipsismx Posts: 19,566member
    You'd think something called Ice Cream Sandwich could withstand freezing temperatures.



    PS: Beat you to it, [B]GTR[/B]. :D
  • Reply 3 of 55
    igrivigriv Posts: 1,177member
    Is that why they call it "ice cream sandwich"?
  • Reply 4 of 55
    jragostajragosta Posts: 10,473member
    Now, that's a really strange one. Not only the fact that the bug exists, but the fact that someone was able to find it.
  • Reply 5 of 55
    malaxmalax Posts: 1,598member
    This sounds like bad science fiction. Impressive work by those Germans.
  • Reply 6 of 55
    macrulezmacrulez Posts: 2,455member


    deleted

  • Reply 7 of 55
    akf2000akf2000 Posts: 223member


    my wife often reaches these temperatures in bed. 

  • Reply 8 of 55
    Nothing to see here. Just another example of the "freeze ram and transfer to a different OS/Host/etc to read the residual data" http://www.zdnet.com/blog/security/cryogenically-frozen-ram-bypasses-all-disk-encryption-methods/900

    Any system of any kind with decrypted data in memory (as it must be when in use) is vulnerable to direct memory access attacks like this.
  • Reply 9 of 55


    How cold was it?


     


    It was so cold I froze my gona... er, ah, my encryption off!


     


    Edit:  It's also affecting AAPL -- up about $5 in the last 5 minutes.

  • Reply 10 of 55


    Wait a minute...


     


     


    Quote:


    "This loophole let them start it up with some custom-built software rather than its onboard Android operating system," the report said. 



     


    So they had to 1) physically access the device 2) freeze it 3) bypass Android to complain Android's encryption isn't good? 


     


    Regardless of device or type, if you can physically alter it, odds are you can get to the data eventually.

  • Reply 11 of 55
    akf2000akf2000 Posts: 223member

    Quote:

    Originally Posted by thataveragejoe View Post


    Wait a minute...


     


     


     


    So they had to 1) physically access the device 2) freeze it 3) bypass Android to complain Android's encryption isn't good? 



    yes, or otherwise known as 'Thursday' in Germany. 

  • Reply 12 of 55
    cnocbuicnocbui Posts: 3,613member


    The exploit is obviously reliant on characteristics of the hardware and the OS is actually near irrelevant.  I am impressed that Android's encryption is good enought to be such a serious obstacle to require such a HW level exploit.

     

  • Reply 13 of 55
    apple ][apple ][ Posts: 9,233member


    Cold temps can do wonders for a harddrive.


     


    A few years ago, the drive on a Macbook that I had suddenly died. It sounded like it had the click of death, because all it would do is make these nasty, loud clicking sounds every once in a while. The drive was totally done with. It wouldn't boot up at all and no data could be accessed from it.


     


    After some quick online research, I decided to put the drive in a ziplock bag, and I threw it in the freezer overnight. The next day I removed it from the freezer and I immediately hooked it up to a Mac, and I was able to retrieve most of the data that was on the drive. It worked for almost an hour, then it died again, and remained dead for good.

  • Reply 14 of 55
    quadra 610quadra 610 Posts: 6,757member


    I thought Android freezes irrespective of temperature. 

  • Reply 14 of 55
    timbittimbit Posts: 331member
    Ice cream sandwich couldn't stand the cold
  • Reply 16 of 55
    The research is interesting, but it really should have been said that, incidentally, this was done on an android phone. If there exists a reason that this couldn't have been achieved on an iPhone or WinPhone, the article doesn't express that (or macbook, or vaio, for that matter.)
  • Reply 17 of 55
    akf2000akf2000 Posts: 223member


    you can just do it with a much smaller freezer.

  • Reply 18 of 55

    Quote:

    Originally Posted by DeanSolecki View Post



    The research is interesting, but it really should have been said that, incidentally, this was done on an android phone. If there exists a reason that this couldn't have been achieved on an iPhone or WinPhone, the article doesn't express that (or macbook, or vaio, for that matter.)


     


    Er, because you can't remove an iPhone battery? Who knew that was actually a security feature! image

  • Reply 19 of 55
    ankleskaterankleskater Posts: 1,287member


    Cool! VERY cool!

  • Reply 20 of 55
    steven n.steven n. Posts: 1,229member
    cnocbui wrote: »
    The exploit is obviously reliant on characteristics of the hardware and the OS is actually near irrelevant.  I am impressed that Android's encryption is good enought to be such a serious obstacle to require such a HW level exploit.

     
    While this is using characteristics of the hardware, it is the OS's handling of the hardware that is in error. But this is a pretty obscure hack.
Sign In or Register to comment.