On Wed, Sep 9, 2015 at 10:26 PM, Szabolcs Nagy <[email protected]> wrote: > * Zack Weinberg <[email protected]> [2015-09-09 15:03:50 -0400]: >> On 09/09/2015 02:02 PM, [email protected] wrote: >> >> On Sep 9, 2015, at 1:54 PM, David Edelsohn <[email protected]> >> >> wrote: >> >> >> >> What level of erasure of sensitive data are you trying to ensure? >> >> Assuming that overwriting values in the ISA registers actually >> >> completely clears and destroys the values is delusionally naive. >> > >> > Could you point to some references about that? >> >> I *assume* David is referring to register renaming, which is not >> architecturally visible... >> > > or async signal handler copying all the register state on sigaltstack > or internal counters and debug features making sensitive info observable > or timing/cache-effect side channels that let other processes get info > or compiling to a highlevel language (js) with different kind of leaks > or running under emulator/debugger that can make secrets visible > or...
I think if attacker got that much control of the machine that he can get, for example, signals to reach your sensitive process, you already lost. Ditto for running under emulator.
