| ▲ | deng 2 hours ago | |||||||
> Anyone with physical access. I think it is understandable from the phrase. Sorry, I'm probably dense, I still don't get it. You steal a laptop, you open it, the screen is locked with a password/fingerprint whatever. How do you read out the RAM from that laptop? | ||||||||
| ▲ | IngoBlechschmid 2 hours ago | parent | next [-] | |||||||
Several options. One is you restart and boot from a live system where you are root, and then dump all memory. This is described in the paper with the witty title "Lest We Remember: Cold Boot Attacks on Encryption Keys": https://www.usenix.org/legacy/event/sec08/tech/full_papers/h... Other options: DMA attacks. Also you never know what the Intel Management Engine hidden in your computer is doing. It's running a version of Minix you don't have any control over, and it has full access to memory. | ||||||||
| ▲ | john_strinlai 2 hours ago | parent | prev [-] | |||||||
>How do you read out the RAM from that laptop? the term to look up is "cold boot attack" (https://en.wikipedia.org/wiki/Cold_boot_attack). tons of cool live demonstrations of how it works on youtube if you've got the 20-40 minutes to spare | ||||||||
| ||||||||