Thursday, May 23, 2013
Privacy Breaking Techniques for Android
Playing psychological games with a hostage to retrieve crucial and mission critical information from them is something that humanity has done for a long, long time, but who would have thought that smartphones, too, are not exempt from a certain kind of "torture"? I am not referring to threatening to smash your Android handset with a hammer lest it gives up its unlock code, but rather, a team at Erlangens Friedrich-Alexander University (FAU) managed to discover a method of accessing an encrypted Android devices contact lists, browsing histories and photos simply by sending it to the freezer, and using the FROST (Forensic Recovery Of Scrambled Telephones) method afterwards.
You can get the secret information of any Android operating systems mobile like Phone number, Pictures, Conversation and Internet access information. Its happen only when you take your smartphone on cool atmosphere. All secret information having in your smartphone will come out so easily.
This experiment was done by a group of researchers of University of Erlanejana Nuremberg Germany. They take the android operating smartphone below the freezing temperature (Minus Ten degree Celsius).
Once the well chilled Android smartphone has reached the desired temperature, connecting and disconnecting the battery of the frozen device quickly would force the handset into a vulnerable mode. This particular loophole would then open a window of opportunity to boot it up using custom-built software, bypassing the pre-installed Android operating system along the way. This custom code has been dubbed FROST as mentioned above.
FROST will allow the researchers to copy sensitive data on the handset which can then be analysed on a separate compute later on. Not only that, a chilled device would also experience slower data fades from memory, which enables hackers or digital forensic teams to obtain encryption keys while speeding up the unscrambling process when it comes to a phone’s content.
Once the well chilled Android smartphone has reached the desired temperature, connecting and disconnecting the battery of the frozen device quickly would force the handset into a vulnerable mode. This particular loophole would then open a window of opportunity to boot it up using custom-built software, bypassing the pre-installed Android operating system along the way. This custom code has been dubbed FROST as mentioned above.
FROST will allow the researchers to copy sensitive data on the handset which can then be analysed on a separate compute later on. Not only that, a chilled device would also experience slower data fades from memory, which enables hackers or digital forensic teams to obtain encryption keys while speeding up the unscrambling process when it comes to a phone’s content.
However, is the process is possible for all android phone, they did not ensure that.
