Its sounds like a scene out of James Bond movie, but someone can actually circumvent a smartphones’ complex encryption system and retrieve its confidential information by putting it in a freezer.
The discovery was recently released by German researchers at Erlangen's Friedrich-Alexander University (FAU). They froze a smartphone for an hour. The researchers – Tilo Muller, Michael Spreitzenbarth and Felix Freiling – were able to get the device’s temperature down to -10C. Data was later analyzed on a separate computer.
They were able to see contact lists, websites visited and photos, the BBC reported. These could all reveal important details on suspected criminals or terrorists.
“We show that cold boot attacks are more generic and allow to retrieve sensitive information, such as contact lists, visited web sites, and photos, directly from RAM (News - Alert), even though the bootloader is locked,” the researchers said in the study.
It was also found that the quick “connecting and disconnecting” of the battery “of a frozen phone forced the handset into a vulnerable mode,” the BBC said. “This loophole let them start it up with some custom-built software rather than its onboard Android operating system. The researchers dubbed their custom code Frost - Forensic Recovery of Scrambled Telephones.” The researchers used a Samsung (News - Alert) Galaxy Nexus smartphone in their study, according to a news report.
Data scrambling was introduced by Google (News - Alert) with the Android version commonly known as the “Ice Cream Sandwich.” But the scrambling system was a "nightmare" for police as they investigated crimes, the researchers said in a blog post. So the discovery could be a welcome find for law enforcement officials.
It was also found that data “fades from memory much more slowly when chips are cold which allowed them to grab the encryption keys and speed up unscrambling the contents of a phone,” the BBC adds.