Chilling Android Smartphones in a Domestic Freezer Bypasses Security Locks
A group of German researchers have found a way of breaking the encryption model used in the latest Android OS, by physically freezing the smartphone.
Version 4 of the Android OS -- appropriately named Ice Cream Sandwich -- transparently scrambles user partitions, thus protecting sensitive user information against targeted attacks that bypass screen locks.
Although this is good for end-users, it is bad for crime forensics, so the researchers at at Erlangen's Friedrich-Alexander University have worked on a method of breaking that functionality.
Testing their equally appropriately named software -- Frost -- on a Samsung Galaxy Nexus smartphone, they were able to retrieve sensitive information, such as contact lists, visited web sites, and photos from the handset memory.
The technicque required that the smartphone be placed in a freezer for at least an hour at -15 degrees celcius while it is still switched on. Quickly reset by removing the battery for less than half a second, there are a number of keypresses to force the phone into a fastboot mode.
At this point, hooking the phone up to the Frost software then enables the user to access the phone memory and download the content for later analysis.
Although not a simple method of breaking the phone software, it does highlight the theoretical possibility -- and would be of use to both hackers and the police.
On the web: Erlangen's Friedrich-Alexander University