Cold Boot Attacks (f-secure.com)
70 points by ankka 6 months ago | 45 comments

Everyone's quickly jumping in to post "physical access is not secure", while over there Apple have iPhones that appear to be almost completely secure against all but the most dedicated state-level attacks (and of course compromised accounts). We can do better, and should. Without compromising the freedom to change operating system.

Mind you we also need to keep pressing on security for the desktop, against ransomware and malicious installs. Again without compromising freedom of choice.

>Without compromising the freedom to change operating system.

Privacy, freedom, and security advocates seem to have opposing and wholly incompatible goals when it comes to technology.

This attack is possible because the NVRAM is overwriteable.

In order to mitigate this attack, a manufacturer would need to make NVRAM non-NV or add a security device like Apple's T2 chip. Or encrypt the NVRAM and (to prevent a key management nightmare brought about by having millions of users) keep the keys private, in which case all of the haxxors would be crying "they're locking us out of our own hardware!"

But adding a security device attacks "freedom".

    10 PRINT "Having the vulnerability is bad."
    20 PRINT "But adding security attacks freedom."
    30 GOTO 10
If all of these raging against the machine Zer0cools were highly paid security consultants in 1981 looking to stir up business by raging against some machines, they would have pilloried IBM for implementing their (pre) ISA bus and Commodore for allowing users to PEEK and POKE into random memory addresses. The former created the entire personal computing marketplace as we know it today, and the latter enabled millions of programmers to understand their machines and make them do things the designers never could have imagined.

There was a HN article a while ago about how manufacturers were dumb and we were all going to die because of Thunderbolt and PCIe security flaws where attackers could sniff traffic on the bus.

I was just like "no shit, you've been able to do that forever, that's the point of busses and locking them down will just speed the Applefication of computing".

Back in "THE GOOD OLD DAYS" when men were men and computers were free and open they had god damned card-edge connectors sticking out of the back of the case which gave anyone within arms reach of the machine direct and unrestricted access to the CPU lines.

You cannot have closed openness.

It depends. For example, there is nothing that technically prevents adding 'add my own key' functionality to the Android phone bootloaders - that would allow the user to unlock the bootloader, install AOSP or any Android build of their choice, and then lock the bootloader again. The fact that we have no such function in the bootloader is not rooted in some technical tradeoff between free and secure.

There are so many easier ways to compromise the computers of 99% of the population that this particular flaw, while interesting, doesn't really appear all that critical to me. How many people (or even companies) bother to encrypt their hard drives these days? Not many in my experience. And for those who do, how hard will it be to phish the credentials using basic social engineering?

If you're carrying nuclear codes then yeah, you should be worried about these attacks. If you're security officer for a small company then you probably have a long list of things to worry about before you have to consider cold boot vulnerabilities.

Furthermore if you're worried about an attacker having physical access to your computer what about simply installing a keylogger or a device that broadcasts your display for instance? That seems massively easier and faster to pull off than the attacks described here.

> If you're security officer for a small company then you probably have a long list of things to worry about before you have to consider cold boot vulnerabilities.

Do you have laptops? Do you keep any personal data on them? Are you subject to GDPR? Then you do need to worry at least somewhat: https://www.databreachtoday.com/data-breach-another-stolen-l...

These attacks can be made into a pendrive you just need to plug in. On laptops that's easier than hiding some extra hardware.

iPhones are probably vulnerable to cold boot too. It's just that cold boot attacks are absurdly difficult to execute. They only work if you already have physical access to an unlocked device before it powers down. If you shut off your machine and wait two seconds before walking away, you can never be cold-booted.

Are you sure/can you provide sources? Given the substantial efforts law enforcement has been taking to get access to suspects' iPhones, this doesn't seem right.

I think you misread me. iPhones are almost certainly vulnerable to some kind of cold-boot attack, yes. That doesn't mean that it's easy to break into them. Cold-boot attacks are highly circumstantial.

If the San Bernardino terrorists shut down their phones before their murderous rampage, or if they ran out of battery before the FBI got into their house, sorry, no cold boot for you.

Cold boot only works if you have physical access to the unlocked, powered-on, in-use device. The "data ghost" in memory that cold boot attacks take advantage of is only there for seconds.

The commenter above specifically says powered on, unlocked. If the phone is locked or powered off, things are much harder.

I guess I was confused by "If you shut off your machine", which is not the same thing as locking it.

If cold boot attacks only work against unlocked devices, that makes a lot of sense. But if they work against locked but powered devices, that would be quite possible for LE to exploit in most cases (just carry a battery pack).

Kinda hard when your RAM is soldered on top of a BGA CPU.

> We can do better, and should

It depends. A regular user in most of the world is pretty happy with a $50-100 MTK-based chinaphone with a 5.5" screen and 2GB of RAM - even with factory preinstalled trojans.

So when are we getting encrypted RAM?

With all the talk I hear about "cache being the new RAM", since it's so much faster, particularly the L1, it sounds like it would make sense to have some transparent encryption going on. A random key generated at power on, then kept inside the CPU, and instantly lost at power off, would be enough to secure the contents of DIMMs against attacks like this.

I believe some AMD CPUs already support it, and there's some mention of it in Linux Kernel docs (https://github.com/torvalds/linux/blob/master/Documentation/...), but I'm not sure if it's actually used in practice or not.

It already exists on AMD: https://en.wikichip.org/wiki/x86/sme

Somebody could put a hardware keylogger on your keyboard interface instead. Or de-solder your CPU and replace it with a backdoored version.

How many backdoored CPU attacks have you heard of before?

If you need protection against that, might as well live inside a vault.

> Cold boot attacks aren’t new. They were developed by a research group back in 2008

Older than that. E.g. Pettersson's talk at CCCamp 2007.

I'd be surprised if some analog of this didn't come out in the 80's. The fundamentals were all there, even arpanet.

physical access = compromised system

There are things you can do to mitigate this problem, but once someone has physical access to a computer they have many pathways to gaining access to data and control.

This is already not true for modern iPhones. I think the time to stop accepting this has come. We should demand better from commodity devices.

I think most disagreement in this thread comes from not separating two very different cases.

1) I got access to your hardware and I want to extract data from it

2) I got access to your hardware and I get to give it back to you and you continue using it as if nothing happened

The FBI have trouble compromising iPhones despite having unlimited physical access, so that isn't true in general.

What I'm worried about is closing these holes while preserving the ability to run whatever software I want.

And also preserving the ability to provide consistent instruction to people on how to install other operating systems. In other words if every laptop has a different magic keyboard sequence to bypass boot security it's going to be a pain to write the Debian install instructions.

That's true, but it's what encrypted filesystems are supposed to prevent. The lesson is that sleep/low power modes are not enough. You should be powering off or hibernating any time the computer is not in use.

Unfortunately this is against many enterprise policies for desktops, because they like to apply updates during off-hours and need the computers to be on (or at least able to wake up from sleep) to do that.

For laptops, you should configure them to hibernate when the lid is closed, not just sleep.

If their slides are correct, then disabling boot from USB is enough. But then they state

> Using a simple tool, Olle and Pasi learned how to rewrite the non-volatile memory chip that contains these settings, disable memory overwriting, and enable booting from external devices

The phrasing is confusing in that they had to find a way to switch the 'boot from USB' BIOS setting 'using a simple tool'.

That's why the #1 rule of security is physical security. If someone has physical access to your computer, it's pretty much game over.

Well, yes and no.

Not necessarily if you turn off your computer or use hibernation instead of sleep, AND you use full disk encryption. This will stop short-term attacks, like cold boot attacks and the like.

Of course, if they "borrow" your laptop for a while, open it up, install key loggers, modify the firmware/hardware, and you do not notice this: you are f*ed.

I mean: even if you believe that "if someone has physical access to your computer, it's pretty much game over", you don't necessarily drop encryption and the user password on the laptop and always put it in sleep mode.
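The mitigations raised across this thread (hibernate rather than sleep so DRAM loses power, full disk encryption, and AMD SME so DIMM contents are ciphertext) assembled into a defender-side audit script. This is an added example, not code from any commenter or from the F-Secure write-up; the functions take file paths so they run against the constructed samples below or against /etc/systemd/logind.conf, /proc/cpuinfo and saved `lsblk -o TYPE` output on a live Linux laptop.

```shell
#!/bin/sh
# Added example: audit three cold boot mitigations on a Linux laptop.

# 1) Lid close action from systemd's logind.conf. When the key is absent
#    systemd defaults to "suspend", which keeps the DIMMs powered.
lid_action() {
    action=$(sed -n 's/^[[:space:]]*HandleLidSwitch[[:space:]]*=[[:space:]]*\([A-Za-z-]*\).*/\1/p' "$1" | tail -n 1)
    printf '%s\n' "${action:-suspend}"
}

# 2) Does the CPU advertise AMD Secure Memory Encryption ("sme" flag)?
#    -w matches a whole word, so "smep"/"smap" do not count.
cpu_has_sme() {
    grep -q -w 'sme' "$1"
}

# 3) Is any block device a dm-crypt mapping (e.g. LUKS full disk encryption)?
#    Input is the output of `lsblk -o TYPE`.
has_dmcrypt() {
    grep -q -w 'crypt' "$1"
}

# Exit 0 only if every mitigation is in place; prints what is missing.
cold_boot_audit() {
    ok=0
    [ "$(lid_action "$1")" = hibernate ] || { echo "lid close does not hibernate: RAM stays powered while unattended"; ok=1; }
    cpu_has_sme "$2" || { echo "no SME flag: DRAM contents are plaintext to a cold boot"; ok=1; }
    has_dmcrypt "$3" || { echo "no dm-crypt device: disk is readable without any memory attack"; ok=1; }
    return $ok
}

# Constructed sample inputs (not captured from a real machine).
tmp=$(mktemp -d)
cat > "$tmp/logind.conf" <<'EOF'
[Login]
#HandleLidSwitch=suspend
HandleLidSwitch=hibernate
EOF
printf '[Login]\n#HandleLidSwitch=suspend\n' > "$tmp/logind_default.conf"
printf 'flags : fpu vme de pse tsc msr pae mce smep smap sme sev\n' > "$tmp/cpuinfo"
printf 'TYPE\ndisk\npart\ncrypt\nlvm\n' > "$tmp/lsblk"

cold_boot_audit "$tmp/logind.conf" "$tmp/cpuinfo" "$tmp/lsblk"          # passes silently
cold_boot_audit "$tmp/logind_default.conf" "$tmp/cpuinfo" "$tmp/lsblk"  # reports the suspend default
```

On a live machine run `lsblk -o TYPE > /tmp/types` and call `cold_boot_audit /etc/systemd/logind.conf /proc/cpuinfo /tmp/types`; a non-zero exit means at least one of the three protections is absent.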

Tell that to the FBI trying to get into an iPhone

Cold boot, you keep using this word and you don't know what it means. Or is it me who has a screwed definition of cold boot?

As defined in the article: "when a computer is reset without following proper procedures (what’s known as a cold/hard reboot)"

Even if you disagree, "cold boot attack" is the established name for the actual attack, the new aspect presented here is how to circumvent a certain firmware protection that would overwrite the memory on a cold boot to prevent that attack.

If you would give your definition we could see if it is right, too.

I thought the definition of cold boot was a boot from a powered down state.

Cold boot attack: An attack in which a running system is reset and information extracted from its memory that survived the reset. Seems like the article is using it correctly.

From a security standpoint, isn’t there a common understanding that if an attacker gains physical access to your computer, you already lost?

As a side note, there are so many vulnerabilities constantly coming out that I’ve almost became desensitized. I’m sure that’s not a good thing but it’s almost like “when” not “if” someone will just steal my data.

Not sure if anyone agrees or I’m just a one-off...

Some parts of a computer are easier to access than others. Like, it's quite easy to access the contents of a hard drive, but not so much some value stored in a particular register in the CPU. That's why it makes sense to encrypt data stored on a hard drive, but we expect the CPU to be able to handle plaintext securely.

Turns out, we should think of RAM more like a hard drive than like something internal to the CPU.

> isn’t there a common understanding that if an attacker gains physical access to your computer, you already lost?

I don't think so. It would mean that securing information in the workplace is nearly impossible and colocation hosting security intrusion boils down to picking a physical lock (of your rack).

So do y'all regularly dump liquid nitrogen on your computers after powering them off?

Last I checked, cold boot attacks have to be executed within moments of a computer powering down unless it's immediately put on ice. I don't understand why we're worried about this.

Actually, RAM can keep its contents for up to a few minutes after shutdown. See here:

Many people do not always power down their computer completely when they leave it unattended.

Read the article. This is about attacking computers in sleep mode.

When you are in sleep mode, your RAM still has power on it.

Leaving the computer on is a cold boot attack now?

At first, I could not figure out why sleep mode was an issue, but I think the point is that a cold boot attack has to be performed within minutes of the shutdown, and it has to be a 'hard' (just cut the power) type of shutdown, not an orderly shutdown where the OS stops what's running and then instructs the hardware to shut down. An attacker who gets his hands on a computer in sleep mode is in a position to force a hard shutdown and immediate cold boot when he is ready.

No, a cold boot attack is a way of recovering data from a system you gain access to while it is running.
