A group at Princeton University has found an exploit in common computer hardware that allows them to break codes and retrieve the encrypted data stored on the computers hard disks. The process at its most extreme involves direct access to the computer using a can of compressed air held upside down to freeze the DRAM chip(s) to access the encryption key stored in memory.
When stored data is encrypted, the software usually will use a key to encode and decode the data. That key is most often created and stored into a computer’s memory after a user logs into the computer with a password. According to the researchers, a common misconception is that once the computer is turned off, the DRAM memory disappears and so does the encryption key. In their studies, partially funded by the Dept. of Homeland Security, they found that data is actually retained in the computers memory for many seconds or sometimes even minutes after the computer is turned off. They also found that by freezing the memory chips with liquid nitrogen found in a common can of air for removing dust, they could get the data to remain in memory easily for as long as ten minutes, and often longer.