Modifying Pidgin isn't out of the question, but a bug report would need to be added there.
-- Brendan Byrd <[email protected]> System Integration Analyst (NOC Web Developer) -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Rob Smits Sent: Saturday, January 07, 2012 7:00 PM To: [email protected] Subject: Re: [OTR-dev] OTR and Cold Boot Attacks Hi Justin, Unfortunately there are some complications with fixing this completely. In terms of libotr, it would be pretty simple to garble the memory it allocates for decrypted messages before freeing it (in otrl_message_free). However libotr can't guarantee that the contents weren't copied elsewhere. In terms of pidgin-otr, we are out of luck. It will in fact make a copy of the contents of a decrypted message and provide this copy to pidgin. Pidgin-otr then has no way to know when pidgin will free this memory. Without modifying pidgin I don't think there is a way around this. Regards, Rob > -----Original Message----- > From: [email protected] [mailto:otr-dev- > [email protected]] On Behalf Of Justin Bull > Sent: January-02-12 7:27 PM > To: [email protected] > Subject: [OTR-dev] OTR and Cold Boot Attacks > > Hello otr-dev, > > I've been doing some minor research into cold boot attacks. I found > OTR quite susceptible to this type of attack. I propose that the code > is updated to > zero-out or garble the allocated memory used for storing the IM > conversations prior to freeing it back to the OS. This would mimic TrueCrypt's > strategy to mitigating success of such an attack. > > See TrueCrypt's acknowledgement here: > http://www.truecrypt.org/docs/?s=unencrypted-data-in-ram > > > "Keep in mind that most programs do not clear the memory area > > (buffers) > in which they store unencrypted (portions of) files [...] This means > that after > you exit such a program, unencrypted data it worked with may remain in > memory (RAM) until the computer is turned off (and, according to some > researchers, even for some time after the power is turned off*)." > > > "When a non-system TrueCrypt volume is dismounted, TrueCrypt erases > > its > master keys (stored in RAM)." > _______________________________________________ > OTR-dev mailing list > [email protected] > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
