A team of researchers led by the Electronic Frontier Foundation (EFF), said they have found that a number of disk encryption technologies aren't quite so safe. They said their research was inspired by computer scientists who noted the fact that memory does not clear on reboots or in a low power state,

The problem is two-fold. One, computers don't zero out the RAM on a warm reboot and even when they've been powered down for a few seconds, their contents can be extracted. The second problem is that when a computer is put in a low-power state, either sleep mode or hibernation, decryption keys are still in memory and can in theory be accessed.

Getting at the decryption keys wasn't even the hard part, according to EFF Staff Technologist Seth Schoenm who took part in the test along with Princeton University and some private researchers.

"There is a fair amount of skill involved in developing these tools, but I don't think carrying out the theft requires very much skill," he told InternetNews.com. The results of the paper, entitled "Lest We Remember: Cold Boot Attacks on Encryption Keys," can be found here.

The researchers found they were able to get at the contents of memory and crack a number of disk encryption technologies, including Microsoft's BitLocker, Apple's FileVault, and the open source programs TrueCrypt and dm-crypt. With the encryption keys and passwords stored in memory, the researchers were able to retrieve them and effectively turn off encryption.

Richard Moulds, executive vice president of product strategy for enterprise security vendor nCipher, said people make too many assumptions about security. "Just because it's encrypted doesn't mean it's safe," he said. "Security isn't quite that simple. People probably make assumptions because they assume it loses its contents on power off."

This article was first published on InternetNews.com. To read the full article, click here.