The Ram Burglar! ^^ haha.

I think there is an easy fix for this stuff. Don't leave your notebook or public PC unattended.

10 min is not a lot of time. Especially with Macbooks.... and their screws...

It's enough if you don't have to be careful. I've seen people take out a catalytic converter from a truck in thirty seconds; I doubt that sort of mindset is going to be overwhelmingly fearful of a few screws.

That said, any situation where someone could get access to your machine that quickly has many equally serious issues.

Right'o, who has a freezer that reaches -50ºC?

they should make it so that the os/ security program write over the keys or clears the keys before shutting down.

Actually I shut down all my computers, including laptops completely every time.

I suppose one does have to ask the question, what thief walks around with a freezer capable of getting a laptop cooled down to -50c in under the amount of time the data would remain in the first place??

C:/DOS/RUN/ROBBLEROBBLE!

i shutdown my laptop to conserve when need be!

@BensAngel: you could turn one of those cans of air upside down and spray liquid nitrogen out of it =)

Who decided that the keys are protected when the computer is on? A simple memory editor or debugger will easily give you access to the information you're looking for.

Wow...where were you guys when this broke 2-3 weeks ago?

Stealing a computer right after it's encrypting something and been powered down and then pulling it apart in a -50c freezer, removing the RAM and analysing it by knowing where to look and decyphering the seemingly random bits in memory all within 10 minutes?

Man, this is great material for the Ocean's 14 script I'm writing!

Gizmodo gets the bronze for reporting the story about a week late. But they get the gold for the image!

CRAP! Now I'm going to have to start shutting down my laptop that I keep downstairs in between my large tank of liquid oxygen and my high speed powered screwdriver and RAM stick pulling set.

The keys supposedly go into memory after the system boots and before needing to enter in a password. Thus its not that much of a rush after stealing the laptop/computer. Anyways, all of the encryption technology is more of a deterrent anyways. If its man made it can be broken by man.

I thought this was commonish knowledge by now...

And you guys are quoting BBC?! El Reg broke this 3 weeks ago. C'mon..the BBC??

This is a non story in my opinion. Most decent encryption apps such as Truecrypt flush encryption data from RAM upon dismounting the volume. If someone were to hard shutdown the PC before Truecrypt could dismount and flush the keys, then the keys would still be lodged in RAM and vulnerable to this attack. This requires that the bad guy has access to the encrypted volume in a mounted state anyway, the point is moot.

This reminds me of how NSA demo'd how to get into the memory of a smart card by physically microdrilling a hole into the physical card, and reading the registers...

-

In the case of volatile RAM though, Why not simply run a shutdown bot that zeros the system RAM whenever you shut down the OS? That would take a good programmer about 30 minutes to write, right?

This seems ridiculous for all but the best funded of theives. But what about DRM? Does access to a RAM print compromise the highly key-dependent DRM schemes out there?

This is old news. This week's stealing-security-keys-from-RAM story is about firewire, and it works while the PC is booted.

apparently if everyone DID shut down their laptops it would save 1.21 gigawatts of power.

Tremendous photoshoppin'

For the love of...............How can you have the hamburgler without Grimis?!?!?!

Its just not right.

I know its OT for this but hey, as was pointed out previous, this broke weeks ago and I got nothin else.

On the other hand throw it in the oven at 375°F for 5 minutes until well done and your data will be permanently protected.