Disk encryption, in its current implementation, is a joke. But it’s hardly the software makers’ fault.
Princeton researchers have developed a method to defeat a form of disk encryption that’s commonly found on laptops. It relies on the fact that RAM, contrary to popular belief, doesn’t erase automatically when power is cut. Rather, information stored in RAM—here, disk encryption keys—hangs around for a couple seconds, if not minutes. Cooling the RAM module slows the data disappearance even further.
From there, all you’d need to do is swap out the RAM module and run the proper software. Bam, instant information.
PGP, the encryption dudes, say its software works just fine. Instead of blaming it, you should blame the hardware companies for their poor design.
The attack should work on some of the most popular forms of encryption, including Apple’s File Vault. The above video shows an attack on a BitLocker’d Vista laptop.
You should probably assume that if someone has physical access to your machine, they’ll be able to crack it.
Cold Boot Attacks on Encryption Keys [Princeton via Wired’s Threat Level]
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss the 20th anniversary of TechCrunch, and a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
Encryption Still Good; Sleeping Mode Not So Much, PGP Says [Wired’s Threat Level]
