The vendor HyBlue says it can prevent the "cold boot" encryption hack discovered by Princeton researchers with a laptop  security product announced Tuesday.

The cold boot vulnerability allows hackers to steal encryption keys from dynamic RAM (DRAM) memory in laptops that have been recently powered down. While Microsoft says such an attack is unlikely, Princeton researchers in February said it is possible because data previously thought to disappear immediately from DRAM persists for a while after the computer has been shut off.

HyBlue's IceLock technology automatically deletes those keys out of memory and overwrites them with random data when there is a state change, such as screen saver activation, hibernation, or a user logging off or powering the computer down. (Compare security products.)  When the user turns the computer back on, the normal password/login process ensues.

"They're the first ones I've seen that [erase the keys from DRAM]," says analyst Michael Santarcangelo of the Security Catalyst. "I think it's pretty clever."

The problem with similar products is they don't "have an awareness of their environment. They assume when you go to sleep or turn off the computer, that RAM is erased," says HyBlue CEO Matthew Sutton.

The cold boot attack is so named because it requires hackers to cool a computer's memory to -58 degrees Fahrenheit (-50 degrees Celsius), giving them as much as 10 minutes to examine the contents.

IceLock is available immediately on Windows XP and Vista for a discounted rate of $49.95 per computer per year until July 1, 2008. After that, the price goes up to $99.95 per computer per year. A Macintosh OSX version will be released later this year, and HyBlue intends to offer a similar product for smartphones this year.

While IceLock requires software to be downloaded onto each computer, the product's management tools are delivered over the Web in the software-as-a-service (SaaS) model. These tools include a Web-based central policy management and key recovery system, and ability to remotely wipe data from stolen or missing computers – assuming the computer is connected to the Internet.

Santarcangelo credited HyBlue for not placing undue burdens on users. A user just needs a Windows login password and a second password to access a partitioned area that contains files protected by IceLock encryption, he notes.

Whitepapers

• Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
• How to Offer the Strongest SSL Encryption
• Maximizing Site Visitor Trust Using Extended Validation SSL
• Seven Steps to Reducing your Security Risk
• The Latest Advancements in SSL Technology
• Vulnerability Management For Dummies

View more SECURITY whitepapers

Webcasts

• Mobile Data Security
• Best Practices for Deploying WAN Optimization for Disaster Recovery
• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• The self-managed network

View more SECURITY special reports