Researchers at Erlangen’s Friedrich-Alexander University (FAU) reported that they could successfully bypass the data scrambling system implemented by Google starting from its mobile operating system the ice cream sandwich (ICS) version of Android by freezing the phone to -10 degrees. This trick is called “cold boot” attack that is generally used on personal computers to retrieve valuable and sensitive data by bypassing the securities. Though this has not been tested on an iPhone yet we there are really good chances of it being successfully implemented on an iPhone as well.
The team at FAU successfully froze the Samsung Galaxy Nexus, the first Android device to have got ICS update, by over an hour till it reached -10 degree centigrade. Then, they quickly removed the battery and replaced it by which the researchers could successful make the phone vulnerable and load their custom code on to the device rather than booting the default piece of code. Their code, called as Frost Software, could then make a copy of personal data on the RAM of the phone onto a separate device which they could later evaluate and retrieve the data.
Most data would be user log, photos, videos and other personal data present on the phone. Researches claim that they are trying to build a security for the Android OS that would protect devices from a “cold boot” attack. The trick is to load the encryption keys on to the processor memory (Cache) rather than on the general memory (RAM) of the device. We have to wait and see if FAU will try to do something similar on iPhones as well.