Featured Research

from universities, journals, and other organizations

Security risk: Sensitive data can be harvested from a PC even if it is in standby mode, experts say

Date:
August 10, 2012
Source:
Inderscience
Summary:
When you switch off your computer any passwords you used to login to web pages, your bank or other financial account evaporate into the digital ether, right? Not so fast! Researchers in Greece have discovered a security loophole that exploits the way computer memory works and could be used to harvest passwords and other sensitive data from a PC even if it is in standby mode.

When you switch off your computer any passwords you used to login to web pages, your bank or other financial account evaporate into the digital ether, right? Not so fast! Researchers in Greece have discovered a security loophole that exploits the way computer memory works and could be used to harvest passwords and other sensitive data from a PC even if it is in standby mode.

Writing in a forthcoming issue of the International Journal of Electronic Security and Digital Forensics, Christos Georgiadis of the University of Macedonia in Thessaloniki and colleagues Stavroula Karayianni and Vasilios Katos at the Democritus University of Thrace in Xanthi explain how their discovery could be used by information specialists in forensic science for retrieving incriminating evidence from computers as well as exploited by criminals to obtain personal data and bank details.

The researchers point out that most computer users assume that switching off their machine removes any data held in random access memory (RAM), this type of fast memory is used by the computer to temporarily hold data currently used by a given application. RAM is often referred to as volatile memory, because anything contained in RAM is considered lost when a computer is switched off. Indeed, all data is lost from RAM when the power supply is disconnected; so it is volatile in this context.

However, Georgiadis and colleagues have now shown that data held in RAM is not lost if the computer is switched off but the mains electricity supply not interrupted. They suggest that forensics experts and criminals might thus be able to access data from the most recently used applications. They point out that starting a new memory-intensive application will overwrite data in RAM while a computer is being used, but simply powering off the machine leaves users vulnerable in terms of security and privacy.

"The need to capture and analyse the RAM contents of a suspect PC grows constantly as remote and distributed applications have become popular, and RAM is an important source of evidence," the team explains, as it can contain telltale traces of networks accessed and the unencrypted forms of passwords sent to login boxes and online forms.

The team tested their approach to retrieving data from RAM after a computer had been switched off following a general and common usage scenario involving accessing Facebook, Gmail, Microsoft Network (MSN) and Skype. They carried out RAM dumps immediately after switch off at 5, 15 and 60 minutes. They then used well-known forensic repair tools to piece together the various fragments of data retrieved from the memory dumps.

The team was able to reconstruct login details from the memory dumps for several popular services being used in the Firefox web browser including Google Mail (GMail), Facebook, Hotmail, and the WinRar file compression application. "We can conclude that volatile memory loses data under certain conditions and in a forensic investigation such memory can be a valuable source of evidence," the team says.


Story Source:

The above story is based on materials provided by Inderscience. Note: Materials may be edited for content and length.


Journal Reference:

  1. Christos Georgiadis, Stavroula Karayianni and Vasilios Katos. A framework for password harvesting from volatile memory. International Journal of Electronic Security and Digital Forensics, 2012

Cite This Page:

Inderscience. "Security risk: Sensitive data can be harvested from a PC even if it is in standby mode, experts say." ScienceDaily. ScienceDaily, 10 August 2012. <www.sciencedaily.com/releases/2012/08/120810083611.htm>.
Inderscience. (2012, August 10). Security risk: Sensitive data can be harvested from a PC even if it is in standby mode, experts say. ScienceDaily. Retrieved April 23, 2014 from www.sciencedaily.com/releases/2012/08/120810083611.htm
Inderscience. "Security risk: Sensitive data can be harvested from a PC even if it is in standby mode, experts say." ScienceDaily. www.sciencedaily.com/releases/2012/08/120810083611.htm (accessed April 23, 2014).

Share This



More Computers & Math News

Wednesday, April 23, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Monkeys Are Better At Math Than We Thought, Study Shows

Monkeys Are Better At Math Than We Thought, Study Shows

Newsy (Apr. 23, 2014) — A Harvard University study suggests monkeys can use symbols to perform basic math calculations. Video provided by Newsy
Powered by NewsLook.com
High Court to Hear Dispute of TV Over Internet

High Court to Hear Dispute of TV Over Internet

AP (Apr. 22, 2014) — The future of Aereo, an online service that provides over-the-air TV channels, hinges on a battle with broadcasters that goes before the U.S. Supreme Court on Tuesday. (April 22) Video provided by AP
Powered by NewsLook.com
Aereo Takes on Broadcast TV Titans in Supreme Court Today

Aereo Takes on Broadcast TV Titans in Supreme Court Today

TheStreet (Apr. 22, 2014) — Aereo heads to the Supreme Court today to fight for its right to stream broadcast TV over the Internet -- against broadcasters who say the start-up infringes upon copyright law. TheStreet Deputy Managing Editor Leon Lazaroff explains the importance of the case in the TV industry and details what the outcome of it could mean for broadcasters and for cloud storage services -- as Aereo allows its subscribers to not just watch live TV shows but also store content to a DVR in the cloud. Video provided by TheStreet
Powered by NewsLook.com
Lytro Introduces 'Illum,' A Professional Light-Field Camera

Lytro Introduces 'Illum,' A Professional Light-Field Camera

Newsy (Apr. 22, 2014) — The light-field photography engineers at Lytro unveiled their next innovation: a professional DSLR-like camera called "Illum." Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins