Android Encryption Can Be Bypassed by Putting Your Phone in the Freezer
2 min read
As frequent readers of the One Click Root blog already know, we recommend encrypting phone data in order to protect it from unauthorized access. Good encryption can’t be unlocked – even by the world’s most powerful computers – which is why it’s a good way of protecting your texts, passwords, pictures, and any other important data you have on your Android.
Fortunately, Android has native encryption, which means that Android users don’t have to do anything in order to protect their most sensitive data.
But Android encryption isn’t perfect. A team of German researchers recently found that by physically freezing an Android device, its encryption could be bypassed.
The report went like this:
-German researchers exposed an Android to freezing temperatures for one hour
-After one hour had passed, the researchers could bypass Android’s native encryption feature (it’s been a built-in part of Android since Ice Cream Sandwich) by using a special script called FROST
-Researchers were able to access encrypted contact information, browsing histories, pictures, and more
To make the report even more surprising, the temperatures weren’t even that low. Phones were frozen at a mere ten degrees below 0 Celsius. Then, the battery was disconnected and reconnected, which placed the handset in a vulnerable mode.
Researchers used a code as the handset was starting up. This code was called FROST – Forensic Recovery Of Scrambled Telephones – and it gave researchers access to the inner depths of the phone.
So if you live in Canada, Russia, or any other country where it routinely gets below -10 degrees, then getting access to a friend’s encrypted phone is as easy as walking around outside for one hour and then running a simple script. Scary!
Newsletter
Get the latest tech news delivered to your inbox weekly.