DISQUS

Website
http://danielmiessler.com/
Original page
http://danielmiessler.com/blog/performing-a-cold-boot-proof-of-concept-without-princetons-bit-unlocker
Subscribe
All Comments
Community
Top Commenters
- 'Dapo Osewa
  3 comments · 1 points
- Maxo
  18 comments · 2 points
- cooperati
  127 comments · 2 points
- dapxin
  14 comments · 1 points
- icepyro
  3 comments · 1 points
Popular Threads
- Free Will and Punishment
  1 day ago · 1 comment
- Broadband Speeds Around the World
  3 days ago · 2 comments
- Willpower: A Limited Resource
  1 week ago · 2 comments
- Availability Bias
  5 days ago · 1 comment
- Andrew Gelman Talks Voting Patterns and Income
  5 days ago · 1 comment

danielmiessler.com | grep understanding: Performing a “Cold-Boot” Proof of Concept Without Princeton’s Bit-Unlocker

Maxo · 1 year ago

I'm very interested to find out what other information you are able to grab from this. The fact that all you need is a USB key with special software is really shocking.
Do you think a person who is only semi-technical could be given these tools and easily trained to pull this information?
Maxo · 1 year ago

Another question, what was the order in which you did everything? Where you able to pull data from the computer after it was completely shut down, or while it was in sleep/hibernate? Or did you have to pull it from the PC while it was running and logged in to?
Daniel Miessler · 1 year ago

It was shut down.
Arik · 1 year ago

You don't actually have to shut it down.

You can take a laptop that you, presumably, got illegally in sleep mode, cool its memory chip as it's sleeping; then pop it off its holder and into a new computer with the software.

-- Arik
Daniel Miessler · 1 year ago

@Arik

True, but I think it's even cooler that it CAN be shut down - even without being cooled - and still will yield data like this.
TIMM · 1 year ago

variables to be looked at are ram size, manufacturer, and optimal cool down correlation to data fade.

there might be some means by which the industry can eliminate this effect by switching to composites that increase data fade after shut down more rapidly. maybe even the architecture, by using multiple chips instead of one single structure.

please, continue the research. if Princeton isn't interested, I bet that MIT, Harvard, Stanford or Cornell would be.

-=T=-
Maxo · 1 year ago

I read the full paper from Princeton yesterday. From what it said, if you boot up within a second of shut down you should be ok. Depending on the RAM, you could have it off for up to 30 seconds.
The safest bet, apparently, to blow compressed air from an upside down can to cool it and then shut it down and boot it back up.
kamal ahluwalia · 1 year ago

hi
i am workin on this information from past one week.can u plz tell me about the execution proceedure or provide some snapshots of your work.
there is a file winen.exe in encase(i.e a forensic software).can it help me.
plz reply
Steam Cleaners · 6 months ago

Wow.. It sounds great!! A USB key with a special software is all you need to this was really amaze me.. Thanks for the info..

Website

Original page

Subscribe

Community

Top Commenters

Popular Threads

danielmiessler.com | grep understanding: Performing a &#8220;Cold-Boot&#8221; Proof of Concept Without Princeton&#8217;s Bit-Unlocker

danielmiessler.com | grep understanding: Performing a “Cold-Boot” Proof of Concept Without Princeton’s Bit-Unlocker