Freezedroid: Researchers discover cold temps can unlock secured Android phones

Researchers at Friedrich-Alexander University in Germany have discovered a somewhat unusual method for cracking the security on encrypted Android phones — sticking them in the freezer.

According to the team, the technique works (at least in part) even on devices that are fully encrypted and have locked bootloaders. Their toolkit for the exploit is dubbed FROST, for Forensic Recovery Of Scrambled Telephones.

[More devices in extremis: 10 rugged gadgets for surviving dirty, dangerous jobs]

“Scrambled telephones are a nightmare for IT forensics and law enforcement, because once the power of a scrambled device is cut any chance other than brute force is lost to recover data,” the FAU team said.

Disk encryption was introduced to Android, ironically, in Version 4.0, or Ice Cream Sandwich. The researchers used a Samsung Galaxy Nexus to demonstrate FROST in a step-by-step tutorial posted to their website.

The idea behind the trick is that information stored in RAM remains present for much longer if the temperature is particularly cold — which means that it can be possible to access decryption keys stored in the phone’s memory if it’s done quickly enough.

By chilling a well-charged phone to about minus 10 degrees Celsius, then turning it off and on again as fast as possible (the team recommended simply popping the battery in and out quickly) and booting it into recovery mode, data like photos, Web history and phone contact lists can be plucked from the device using custom software developed by the German researchers.

If the phone has an unlocked bootloader, the software can even snare encryption keys from the vulnerable RAM, allowing for full access to everything stored on the device.

Email Jon Gold at jgold@nww.com and follow him on Twitter at @NWWJonGold. Winter is coming.