Study: Disk Encryption Not Secure, Particularly With Laptops

SAN FRANCISCO — A team of researchers has found a major security flaw in several popular disk-encryption technologies that leaves encrypted data vulnerable to attack and exposure, particularly when laptops are in sleep mode.

Researchers from the Electronic Frontier Foundation and Princeton University have cracked several widely used disk encryption technologies, including Microsoft's BitLocker, Apple's FileVault, TrueCrypt and dm-crypt.

Those disc encryption systems are designed to protect sensitive information if a computer is stolen or otherwise accessed, but researchers said data is still vulnerable because encryption keys and passwords stored in a computer's temporary memory, or RAM, don’t disappear immediately after losing power.

"People trust encryption to protect sensitive data when their computer is out of their immediate control," EFF spokesman Seth Schoen said. "But this new class of vulnerabilities shows it is not a sure thing.

“Whether your laptop is stolen or you simply lose track of it for a few minutes at airport security, the information inside can still be read by a clever attacker," he said.

Laptops are particularly vulnerable to attack when they are turned on but locked, or in sleep or hibernation mode entered when the laptop's cover is shut, the EFF said.

Researchers said that even though the machines require a password to unlock the screen, the encryption keys are already located in the RAM, which provides an opportunity for attackers with malicious intent.

For the full paper, "Lest We Remember: Cold Boot Attacks on Encryption Keys," a demonstration video and other background information, click here.

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

XBIZ Miami's Host Hotel Sold Out, General Registration Now Open

Guest rooms at XBIZ Miami’s exclusive conference venue, Nautilus Sonesta Miami Beach hotel in South Beach, are now completely sold out.

Adult Industry Educational, Networking Platform 'Imperfectly You' Launches

Imperfectly You, an educational and networking platform for adult industry workers, has officially launched.

Segpay to Launch News Network for High-Risk Merchants

Segpay has announced that it will launch the Segpay News Network (SNN) on April 15.

Age Verification Watch: Patching the Holes

This roundup provides an update on the latest news and developments on the age verification front as it impacts the adult industry.

Pineapple Support to Host Autism Spectrum Support Group

Pineapple Support is hosting a free online support group for performers and creators who are, or suspect they may be, on the autism spectrum.

ImLive Launches Revamped Member Loyalty Program

Cam platform ImLive has revamped its member loyalty program.

GoFundMe Set Up for Danny Ferretti's Medical Expenses

A GoFundMe campaign has been set up for Fangear founder Danny Ferretti, who requires extensive lung surgery.

Byborg Acquires Cuties AI

Byborg Enterprises has acquired adult artificial intelligence startup Cuties AI.

Irish Government Releases Report on Sex Work Decriminalization Legislation

The Irish government has released a report reviewing a 2017 law that decriminalized sex work across the country.

Texas Bill Would Require Age Verification for Online Sex Toy Sales

A new bill in the Texas state legislature would require online retailers to implement age verification of purchasers before selling “obscene devices” to anyone in that state.

Show More