
For how long after shutdown does data remain in RAM?

I'm curious about this.

I know RAM is generally given the name "volatile memory", but some of you will know this is not completely true. It's been proven that data stored in RAM still remains for a short while after power loss. Police have been known to use "cold boot attacks" when they raid houses where they believe the suspect to have illegal data. They put the chips in liquid nitrogen and the data in this state can remain for days or even weeks - so plenty of time for them to get it back to the labs and recover what the suspect has been looking at.

Does anyone know more about this? I'm not really into computer science normally but I find data remanence and security pretty interesting topics when it comes to computers.
Reply 1
Original post by vedderfan94
I.


Yup, you are right :laugh:. However, recent developments in RAM technology may change things. They have developed RAM that doesn't lose memory once turned off :tongue:

This was one of the ways they cracked encryption software such as TrueCrypt and Microsoft BitLocker.

However, there is a time period in which the memory will be lost; I personally don't know, but it would of course depend on the system. You should have a read on the web; there are some good articles out there.

Here is one:

http://www.theregister.co.uk/2008/02/22/eff_unbitlocker/
Reply 2
What are you trying to hide would be my first question? :cool: No one asks a question like that unless they're planning on hiding something :wink:

Following on from The Register article posted above by FinalMH, you can read the original research here: https://citp.princeton.edu/research/memory/ It includes the full paper in PDF format plus an experiment guide, source code, and some videos/images. There are some steps you can take, however, to protect against cold boot attacks. For instance, fully powering down the machine every time and waiting a while (a few minutes) before you leave it, or using TAILS, which scrubs the RAM during shutdown, thus guarding somewhat against cold boot attacks.

In any case, many have described cold boot attacks as alarmist nonsense: http://searchsecurity.techtarget.com.au/news/2240019248/COMMENTARY-Cold-boot-BitLocker-attack-is-over-hyped Truth be told, there's a multitude of different ways of nabbing the keys or data that require a lot less effort. For instance, the simple approach...



If they want your data they'll simply blackmail it out of you and twist the screws until you squirm.
(edited 12 years ago)
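The RAM-scrubbing idea mentioned in Reply 2, shown at the scale of a single program, as an added example that is not from the thread, from Tails or from the Princeton research: the program overwrites its own key buffer when it is done, and a scan of that memory no longer finds the key. The key bytes, the simulated memory arena and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 16
#define ARENA_LEN 256
#define KEY_OFF 100

/* Constructed sample key; stands in for a disk-encryption key held in RAM. */
static const unsigned char SAMPLE_KEY[KEY_LEN] = {
    0x13, 0x57, 0x9b, 0xdf, 0x24, 0x68, 0xac, 0xe0,
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88 };

/* Simulated process memory (assumption: one flat buffer, key at KEY_OFF). */
static unsigned char arena[ARENA_LEN];

/* Overwrite through a volatile pointer so the compiler cannot drop the
   stores as "dead" when the buffer is never read again. */
static void scrub(void *buf, size_t len) {
    volatile unsigned char *p = buf;
    while (len--) *p++ = 0;
}

/* Offset of needle inside a memory image, or -1 if it is not present.
   This is the defender's check: what would a RAM dump still reveal? */
static long find_bytes(const unsigned char *img, size_t img_len,
                       const unsigned char *needle, size_t n) {
    if (n == 0 || n > img_len) return -1;
    for (size_t i = 0; i + n <= img_len; i++)
        if (memcmp(img + i, needle, n) == 0) return (long)i;
    return -1;
}

/* Fill the arena with filler bytes and place the key in it. */
static void load_key(void) {
    memset(arena, 0xAA, sizeof arena);
    memcpy(arena + KEY_OFF, SAMPLE_KEY, KEY_LEN);
}

/* Returns 1 if the key was visible before the scrub and gone after it. */
static int demo(void) {
    load_key();
    long before = find_bytes(arena, sizeof arena, SAMPLE_KEY, KEY_LEN);
    scrub(arena + KEY_OFF, KEY_LEN);
    long after = find_bytes(arena, sizeof arena, SAMPLE_KEY, KEY_LEN);
    printf("before scrub: %ld, after scrub: %ld\n", before, after);
    return before == KEY_OFF && after == -1;
}

int main(void) { return demo() ? 0 : 1; }
```

This covers one buffer in one process only; copies of the key held elsewhere (other buffers, swap, hibernation files) are outside what it touches.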
Reply 3
Temperature is the main variable, which is why, when talking about trying to grab TrueCrypt encryption keys from memory, the memory modules are frozen to slow the process. Realistically, the time for complete loss could be a while depending on how much RAM you have, but at least some of the information would have disappeared after a matter of minutes.
Reply 4
Original post by vedderfan94
I'm curious about this.

I know RAM is generally given the name "volatile memory", but some of you will know this is not completely true. It's been proven that data stored in RAM still remains for a short while after power loss. Police have been known to use "cold boot attacks" when they raid houses where they believe the suspect to have illegal data. They put the chips in liquid nitrogen and the data in this state can remain for days or even weeks - so plenty of time for them to get it back to the labs and recover what the suspect has been looking at.

Does anyone know more about this? I'm not really into computer science normally but I find data remanence and security pretty interesting topics when it comes to computers.


As a proof of concept, cold boot does work, but in the real world, it's pretty impractical, not to mention that it's not reliable. Certainly in the UK and US, investigators wouldn't even consider trying this - they'd keep the machines powered on as far as practically possible and use the courts (or $5 spanners) to get your encryption keys.
