Security researchers have discovered a flaw with nearly all modern computers that allow potential hackers to steal sensitive information from your locked devices. CNET adds: The attack only takes about five minutes to pull off, if the hacker has physical access to the computer, F-Secure principal security consultant Olle Segerdahl said in a statement Thursday. Cold boot attacks can steal data on a computer’s RAM, where sensitive information is briefly stored after a forced reboot. These attacks have been known since 2008, and most computers today have a safety measure where it removes the data stored on RAM to prevent hackers from stealing sensitive information. It’s also not a common threat for the average person, since both access to the computer and special tools — like a program on a USB stick — are needed to carry out the attack. But Segerdahl and researchers from F-Secure said they’ve found a way to disable that safety measure and extract data using cold boot attacks. [Further reading: ZDNet] “It takes some extra steps compared to the classic cold boot attack, but it’s effective against all the modern laptops we’ve tested,” he said in a statement. Per F-Secure, there is no patch to address the new vulnerability just yet. For now, the firm recommends that you make tweaks to your system settings so that your computer automatically shuts down or hibernates instead of entering sleep mode when you close your screen.
of this story at Slashdot.
Source:: Slashdot