BBC News reports on a security issue with Google’s Android operating system for cellphones that was found by researchers Tilo Muller, Michael Spreitzenbarth and Felix Freiling in Germany. BBC News reports:
Freezing an Android phone can help reveal its confidential contents, German security researchers have found.
The team froze phones for an hour as a way to get around the encryption system that protects the data on a phone by scrambling it. […]
The attack allowed the researchers to get at contact lists, browsing histories and photos.Android’s data scrambling system was good for end users but a “nightmare” for law enforcement and forensics workers, the team at Erlangen’s Friedrich-Alexander University (FAU) wrote in a blogpost about their work. […]
The trio discovered that quickly connecting and disconnecting the battery of a frozen phone forced the handset into a vulnerable mode. This loophole let them start it up with some custom-built software rather than its onboard Android operating system. The researchers dubbed their custom code Frost – Forensic Recovery of Scrambled Telephones.
The Frost software helped them copy data on a phone that could then be analysed on a separate computer. […]
While the “cold boot” attack had been tried on desktop PCs and laptops, Mr Muller said the trio were the first to try it on phones.