Make no mistake about it, your lockscreen is good at keeping honest people honest, but a truly dedicated thief is bound to find his way around it. One of the wilder ways to do so has recently been demonstrated by researchers who cracked through a Galaxy Nexus’s security by throwing it in a freezer.
The technique is called “cold-booting” and it’s been around as a computer hacking process for years. Thanks to RAM’s tendency to hold onto little bits of data for a short period after power is cut, hackers can boot devices into other operating systems for nefarious purposes if they can turn a device off and on fast enough. That’s where the freezer comes in.
By putting the target phone—in this case, a Galaxy Nexus—in a freezer, researchers at Erlangen University in Germany found they could make the RAM retain data for five or six seconds instead of one or two. Turns out that’s just enough time to shut off the device, get it back up and running in fastboot mode, and steal the remnant data from the RAM with a special toolkit fittingly called FROST (Forensic Recovery of Scrambled Telephones). With that remnant data, they could then bypass the lockscreen with no problems, getting full access to the phone.
Fortunately, there are a bunch of requirements for such an attack. For one, the phone has to have a removable battery so it can be shut down fast enough. And it also has to have an unlocked bootloader. And, obviously, thieves need extended physical access to your phone to pull this off. Even if your phone doesn’t meet all those criteria, this little trick serves as a valuable reminder: don’t rely on the lockscreen for total security. There are always ways around it. [Ars Technica]
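The attack only recovers what is still sitting in RAM at the moment of the reboot, so the defensive counterpart to everything described above is to evict secrets from memory the instant they stop being needed (on lock, on suspend), and to do so in a way the compiler cannot silently drop. The following is an added illustration in C, not code from the article or from the FROST toolkit; the session struct, key pattern and function names are all hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define KEY_LEN 32

/* Hypothetical unlocked-session state: a key that is only needed while
   the device is unlocked. Nothing here comes from FROST or the article. */
typedef struct {
    uint8_t key[KEY_LEN];
    int unlocked;
} session_t;

/* A plain memset() on a buffer that is never read again is a dead store
   and optimisers are allowed to delete it. Calling memset through a
   volatile function pointer forces the write to actually happen. */
static void *(*volatile volatile_memset)(void *, int, size_t) = memset;

void secure_wipe(void *p, size_t n) {
    volatile_memset(p, 0, n);
}

/* Returns 1 if any key byte is still non-zero, i.e. the secret would
   still be capturable from RAM by a cold-boot dump. */
int key_resident(const session_t *s) {
    uint8_t acc = 0;
    for (size_t i = 0; i < KEY_LEN; i++) acc |= s->key[i];
    return acc != 0;
}

/* Unlock: load the key. On a real device it would be derived from the
   passcode or released by hardware-backed storage; here it is passed in. */
void session_unlock(session_t *s, const uint8_t key[KEY_LEN]) {
    memcpy(s->key, key, KEY_LEN);
    s->unlocked = 1;
}

/* Lock: the lockscreen alone leaves the key in RAM; wiping it is what
   actually removes the material a cold-boot capture would recover. */
void session_lock(session_t *s) {
    secure_wipe(s->key, KEY_LEN);
    s->unlocked = 0;
}

int main(void) {
    session_t s = {{0}, 0};
    uint8_t k[KEY_LEN];
    for (int i = 0; i < KEY_LEN; i++) k[i] = (uint8_t)(0xA5 ^ i); /* constructed sample key */
    session_unlock(&s, k);
    printf("resident after unlock: %d\n", key_resident(&s)); /* 1 */
    session_lock(&s);
    printf("resident after lock:   %d\n", key_resident(&s)); /* 0 */
    return 0;
}
```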
Cool.
Hmmm…a like-minded brethren who acknowledges the subtle nuance of a double entendre.
Interesting side point. Never thought of the security implications of removable vs non-removable batteries.
Not necessarily; all it takes is for them to disassemble the phone and do it that way. You can even just use the board bare and connect a power supply to the battery terminals. The case and screen are not needed at all, really, for this kind of data gathering.
Things have just got a little more difficult with the new adb security features added in the newly released 4.2.2, but it is possible to remove a lock screen password/pattern in other (easier) ways too, although admittedly the bootloader often needs to be unlocked at least. Well, unless you JTAG the board and load an engineering or unlocked bootloader that way, avoiding the userdata wipe.
So basically, if you really want to stay safe you’d better tick that encrypt data option, but even then that won’t protect you from this method, as I believe the data in the RAM will already be decrypted.
That’s very true. I suppose it depends on how determined the person is but obtaining customised boot loaders is quite easy in this golden age of information.
God I sound like a BBC journo.
Indeed it is. In some cases it’s a bit more difficult for those without access to some of the more heavyweight tools, but if we’re talking forensic stuff by the police/government, I’m sure HTC, for example, would cough up an engineering bootloader and the key files needed to load it.