did you really expunge that key?
Simon Josefsson
jas at extundo.com
Fri Nov 8 12:45:53 EST 2002
"John S. Denker" <jsd at monmouth.com> writes:
> 1) This topic must be taken seriously. A standard technique
> for attacking a system is to request a bunch of memory or
> disk space, leave it uninitialized, and see what you've got.
I find that this thread doesn't discuss the threat model behind
"expunging" keys, and this statement finally triggered my question.
On which systems is all this really an issue, and when? Which
operating systems "leak" memory between processes in this way? Which
operating systems swap out processes to disk that can be read by
non-privileged users? Which operating systems write core dumps that
can be read by non-privileged users? My gut feeling tells me that if
you can allocate memory on a system, there are easier way to attack it.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list