Cold boot attack

8v55

Is Graphene OS safe from a cold boot attack? For example if it stops auto reboot or freeze the memory for forensic to see what is on it while it is unlock?

GrapheneOS

8v55 If the device has time to auto-reboot after it's taken, it protects against exploiting it or extracting data from the SoC, memory, etc. in general. Exploiting the device before then is possible but very difficult. It's very impractical to either extract the memory while preserving content or to connect to it while it's in use. From what we know, that's not currently being used as an attack vector in practice but we expect it to become one. Auto-reboot is a strong protection against it since the time to get it to a specialized lab for this is very limited. We lowered the default to 18 hours from 72 hours partly due to threats like this.

Upstate1618 The general purpose RAM is not fully encrypted yet but the way it's designed does make this quite hard. It's very likely to be added as a future improvement to the SoC memory controller.

wuseman

How would you freeze the memory of a phone with soldered RAM?

DeletedUser87

this thread is living proof that people read something online and instantly assume that they're under attack or at risk of being targeted by attack X. As @wuseman already pointed out, it is physically impossible to desolder RAM while simultaneously cooling it down below freezing temperature.

Upstate1618

Pixel's RAM is not encrypted. As well as Apple's.