Post-reboot memory dumping software released.

Last week, a group of information security researchers released a whitepaper detailing a practical data extraction attack on DRAM after the power's been cut. Unfortunately, Appelbaum et al. didn't release the source code for the utilities they used in the lab. One Wesley McGrew read the paper and decided to apply the scientific method by reproducing their experiments. This required developing utilities from scratch to extract data from powered-down DRAM, which he's done, and he has released the source code for them. The source is mostly in C with some inline assembly. It's dense and you really have to understand what's going on …


Cutting the power doesn't necessarily mean that memory is cleared.

It has long been a piece of grassroots wisdom that when the power to your computer goes dead, you're up a certain creek without a means of propulsion: whatever you were doing at the time has gone to the great bit bucket in the sky, and unless you'd just saved your work you could kiss your next couple of hours goodbye while reconstructing everything. From a technical standpoint, however, this isn't true. Modern-day DRAM can hold usable data for a finite but non-zero period of time after the main power's been cut off. This has actually been known …
