Recovering contents directly from physical RAM of devices has been known for quite some time – it involves esoteric measures such as freezing the device using liquid nitrogen or by putting it in the freezer. It is interesting to see this technique being used to attack Android phones to recover disk encryption keys. Potentially this might defeat on-disk encryption for Android devices, though there are quite some caveats in the technique discussed on the website.
To this end we perform cold boot attacks against Android smartphones and retrieve disk encryption keys from RAM. We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung.