There's still a big difference (in the real world) between writing to
RAM and writing to disk. Data written to disk could be recovered weeks
later, depending on the machine's usage, and it's right to be
concerned about keys ending up there.
On Mon, Apr 6, 2009 at 1:24 PM, Clark Cox wrote:
>
> Whe
On Apr 3, 2009, at 19:27 PM, Clark Cox wrote:
On Fri, Apr 3, 2009 at 3:57 PM, Rich Collyer
wrote:
My primary interest is to ensure that the content of an
NSSecureTextField
and any times I extract the string from it, the memory is not paged
out, or
cached.
Then turn on "Use Secure Virtu
Jonathan Hendry wrote:
For instance, if you plug a secure, encrypted USB key into a
public-access Mac, to which you may not have admin access in order
to change the preference setting. You don't want some malware
running on such a machine to be able to snoop the password that you
enter t
On Sun, Apr 5, 2009 at 11:03 PM, Kyle Sluder wrote:
> On Sun, Apr 5, 2009 at 8:07 PM, Chris Suter wrote:
>> What am I missing?
>
> If the attacker physically powers off the machine while the page is
> written out to disk, s/he can just read the page off the swap space on
> the HDD. If this page
On Mon, Apr 6, 2009 at 2:03 AM, Kyle Sluder wrote:
> On Sun, Apr 5, 2009 at 8:07 PM, Chris Suter wrote:
>> What am I missing?
>
> If the attacker physically powers off the machine while the page is
> written out to disk, s/he can just read the page off the swap space on
> the HDD. If this page c
On Mon, Apr 6, 2009 at 1:14 AM, Chris Suter wrote:
> Right, but someone who has physical access to the machine can do
> whatever they like. They could open the box and probe the memory
> directly somehow or add a malicious bit of software to get the details
> later.
My favorite attack involves us
Hi Kyle,
On Mon, Apr 6, 2009 at 4:03 PM, Kyle Sluder wrote:
> On Sun, Apr 5, 2009 at 8:07 PM, Chris Suter wrote:
>> What am I missing?
>
> If the attacker physically powers off the machine while the page is
> written out to disk, s/he can just read the page off the swap space on
> the HDD. If t
On Sun, Apr 5, 2009 at 8:07 PM, Chris Suter wrote:
> What am I missing?
If the attacker physically powers off the machine while the page is
written out to disk, s/he can just read the page off the swap space on
the HDD. If this page contains, say, an initialization vector, then
bang you're dead.
Hi Finlay,
On Sun, Apr 5, 2009 at 6:47 AM, Finlay Dobbie wrote:
> --
> Indeed, many types of data, such as hashes, unencrypted versions of
> sensitive data, and authentication tokens, should generally not be
> written to disk due to the potential for abuse. This raises an
> interesting problem.
On Fri, Apr 3, 2009 at 11:57 PM, Rich Collyer wrote:
> My primary interest is to ensure that the content of an NSSecureTextField
> and any times I extract the string from it, the memory is not paged out, or
> cached.
http://developer.apple.com/documentation/Darwin/Conceptual/KernelProgramming/sec
Clark Cox (clarkc...@gmail.com) on 2009-04-03 7:27 PM said:
>> My primary interest is to ensure that the content of an NSSecureTextField
>> and any times I extract the string from it, the memory is not paged out, or
>> cached.
>
>Then turn on "Use Secure Virtual Memory" in the Security Pane in
>Sy
On Fri, Apr 3, 2009 at 3:57 PM, Rich Collyer wrote:
> My primary interest is to ensure that the content of an NSSecureTextField
> and any times I extract the string from it, the memory is not paged out, or
> cached.
Then turn on "Use Secure Virtual Memory" in the Security Pane in
System Preferenc
My primary interest is to ensure that the content of an
NSSecureTextField and any times I extract the string from it, the
memory is not paged out, or cached.
+++
Rich Collyer - Senior Software Engineer
+++
On Apr 2, 2009, at 4:19 PM, Dave Carrigan wrot
On Apr 2, 2009, at 3:50 PM, Rich Collyer wrote:
Is there a way to mark an application (or at least its heap) as
non-pageable?
mlock(2) might be what you're looking for, but we would need more
information on what you are specifically attempting to do.
--
Dave Carrigan
d...@rudedog.org
Se
On Thu, Apr 2, 2009 at 3:50 PM, Rich Collyer wrote:
> Is there a way to mark an application (or at least its heap) as
> non-pageable?
You could ask the kernel to wire down your memory to physical memory,
but that is usually a very Bad Idea.
--
Clark S. Cox III
clarkc...@gmail.com
Is there a way to mark an application (or at least its heap) as
non-pageable?
+++
Rich Collyer - Senior Software Engineer
+++
Cocoa-dev mailing list