Android Phones Can Be Unlocked by Freezing Them

By UCStrategies Staff

Researchers at Friedrich-Alexander University, Germany, found that the security of an encrypted Android phone can be bypassed after exposing the mobile device to freezing temperatures. The paper, entitled FROST: Forensic Recovery Of Scrambled Telephones, describes how the researchers (Tilo Muller, Michael Spreitzenbarth and Felix Freiling) were able to carry out cold boot attacks on Android smartphones, specifically Samsung’s Galaxy Nexus, and recover disk encryption keys from random-access memory (RAM).

The researchers claimed that the technique described in the paper could unlock fully encrypted Android smartphones, even those with a locked bootloader. The unlocking technique was possible “because RAM contents fade away more slowly if RAM chips are cold.” Decryption keys stored in the smartphone’s memory can be recovered if the attack is done quickly: the battery is removed and immediately replaced once the Android handset has been frozen for about an hour.

A Samsung Galaxy Nexus unit, placed in a clear plastic bag, was frozen to -10 degrees Celsius for about an hour. After that, the battery was removed and then quickly reconnected to reboot the device. Fastboot utilities developed by the researchers and installed on a Linux PC were then used to unlock the handset using the Recovery Mode option. Data such as the user’s contact list, web history, and photos are then accessible directly from RAM even if the bootloader remains locked. The data copied from the phone’s memory can then be analyzed on a computer.

The choice of the Samsung Galaxy Nexus for the FROST demonstration was deliberate. The handset was one of the first Android-based devices to employ the disk encryption of Android version 4.0, a release that goes by the ironically fitting moniker Ice Cream Sandwich. The German researchers said that other Android phones would prove susceptible to the attack as well, and they were planning to carry out testing on other Android handsets.

The cold-boot attack had previously been performed on laptops and desktop computers. Tilo Muller said that they were the first to attempt the trick on mobile phones. “We thought it would work because smartphones are really small PCs,” Muller told the BBC, “but we were quite excited that the trick with the freezer worked so well.” (KOM)

 
