Skip to main content
  1. Home
  2. Computing

Researchers Defeat HDD Encryption

By

While properly encrypted hard drives were thought to offer a challenge to even the most talented of hackers, a recent breakthrough has proven that even this extreme security measure possesses major vulnerabilities. On Thursday, a group of Princeton researchers revealed a creative exploit that allows common hard drive encryption software to be easily bypassed in minutes by anyone who has physical access to the computer.

While most new hacks and security vulnerabilities rely on software loopholes, the Princeton researchers actually exploited a property of computer hardware to snag encryption keys.  Since most encryption programs require users to enter their passwords only once at boot, they store an encryption key in RAM to decode the hard drive’s encrypted contents on the fly. Most software companies would not consider this a vulnerability, since the contents of DRAM are wiped clean without electricity, making the key seemingly impossible to steal.

Recommended Videos

But the Princeton researchers found that DRAM holds its contents for much longer without electricity than most people suspected, and developed a way to extend its life even further by freezing it with the spray from an upside-down can of air duster. When presented with a running but locked computer, researchers were able to preserve the memory with air duster, swap it to a different laptop, pull the encryption keys right out and read the encrypted drives.

The team successfully cracked drives encoded by popular schemes including Microsoft Vista’s BitLocker and Mac OS X’s FileFault, along with dm-crypt and TrueCrypt. The only prospect for circumventing the Princeton attack procedure may be using an additional encryption string, which would be stored on a USB thumb drive or other removable media, and taken with the user when away from the laptop.

Editors' Recommendations

Nick Mokey
Nick Mokey
Managing Editor
As Digital Trends’ Managing Editor, Nick Mokey oversees an editorial team delivering definitive reviews, enlightening…
The 6 key things Apple must fix in the next version of macOS
Craig Federighi introducing macOS Sonoma at Apple's Worldwide Developers Conference (WWDC) in June 2023.

I use macOS every day, and there’s no doubt that I love it as an operating system. Yet, despite how full of genuinely brilliant features it is, there are still a handful of things I just wish it did better.

Luckily, Apple’s Worldwide Developers Conference (WWDC) is just a month away, which means there’s not long until we see what kind of software improvements Apple has in store for us. I’ve been thinking hard about what kind of changes I’d like to see happen, from Siri to Stage Manager and everything in-between. Here are the key areas I think Apple needs to fix in macOS 15.
Hey Siri, meet AI
Even when I ask Siri for the WWDC date, it can't give me a straight answer. Digital Trends

Read more
How to create a Smart Folder on a Mac
Looking down at the keyboard and trackpad on a MacBook Pro.

Creating folders is a great way to organize all the files on your Mac. But after a while, a stockpile of folders is no better than a stockpile of standalone media, software, and docs. If you’re up to your neck in traditional Mac folders, you should try making a Smart Folder instead!

Read more
How to change the login picture on a Mac
The M3 MacBook Air in front of a window.

When you log into your Mac every day, one of the first things you see is a circular login picture above your username. On its own, this UI element is how you and other household members will know what user profile belongs to whom. Fortunately, Apple also gives you the ability to customize this image. You’ll be able to choose from your own personal photos, emojis, as well as Memojis.

Read more