There is a new way to freeze out the security on encrypted Android phones, just stick the device in a freezer next to the ice cubes and ice cream.
Freezing the device does work, even on those fully encrypted and have locked bootloaders, according to researchers at Friedrich-Alexander University (FAU) in Germany. They call their toolkit for the exploit, FROST, which stands for Forensic Recovery Of Scrambled Telephones.
“Scrambled telephones are a nightmare for IT forensics and law enforcement, because once the power of a scrambled device is cut any chance other than brute force is lost to recover data,” the FAU team said.
Disk encryption came into play for Android in Version 4.0, or Ice Cream Sandwich. The researchers used a Samsung Galaxy Nexus to demonstrate FROST in a step-by-step tutorial posted to their website.
The idea behind the exploit is information stored in RAM remains present for much longer if the temperature is cold, which means it can be possible to access decryption keys stored in the phone’s memory if it’s done quickly enough.
By chilling a well-charged phone to about minus 10 degrees Celsius, then turning it off and on again as fast as possible (the team recommended simply popping the battery in and out quickly) and booting it into recovery mode, attackers could grab data like photos, Web history and phone contact lists from the device using custom software developed by the German researchers.
If the phone has an unlocked bootloader, the software can even snare encryption keys from the vulnerable RAM, allowing for full access to everything stored on the device.