Interesting. This reminds me of a bug from a couple years ago. Apple used to leave a big unencrypted swap file on disk, so you would open up single user mode and search for string related to login and there would usually be a cache of logins and passwords in the clear. Apple fixed this bug by removing the swap file, among other things. But it turns out that there are ways to enable a dev representing virtual memory with some kernel hacking, that does something similar as the swap.
This vulnerability is fairly similar in that it involves scouring memory, is somewhat more sophisticated since it requires some decryption, but is less powerful since it relies on memory being intact, whereas the most common, illicit way to gain root access is by single user mode, which usually obliterates much memory. But it would be interesting to test--to preserve memory it would be best to set boot flags for single user and then restart as opposed to rebooting (presumably this would cut power to memory for a shorter period of time, thereby better preserving its contents).
This vulnerability is fairly similar in that it involves scouring memory, is somewhat more sophisticated since it requires some decryption, but is less powerful since it relies on memory being intact, whereas the most common, illicit way to gain root access is by single user mode, which usually obliterates much memory. But it would be interesting to test--to preserve memory it would be best to set boot flags for single user and then restart as opposed to rebooting (presumably this would cut power to memory for a shorter period of time, thereby better preserving its contents).