[Cryptography] Secure erasure
Aram Perez
aramperez at mac.com
Sat Sep 10 21:32:40 EDT 2016
> On Sep 9, 2016, at 8:28 PM, John Denker <jsd at av8n.com> wrote:
>
> On 09/09/2016 12:22 PM, Kent Borg wrote:
>
>> Most of the "secure erase can't work" in this thread seems
>> equivalent to "memory can't be trusted". Indeed, there is a lot of
>> reason to mistrust hardware. Okay then, do you dare do any
>> cryptography at all in your hardware? If so (big if), then how to do
>> a secure erase becomes a sensible question.
>
> That argument, oversimplified as it is, cuts both ways.
>
> Back in the Olden Days some operating systems didn't bother to clear
> memory before allocating it to a different process, That wasn't even
> particularly unreasonable on a single-owner single-user machine, but
> it meant that you could spy on another process just by doing a bunch
> of malloc()s. In contrast, a modern operating system is "supposed"
> to be more fastidious than that.
For those of you that remember the PDP-11/20 and the RSTS OS with BASIC, a trick we used to get other people's passwords was to allocated a huge array of strings and then search the array for the phrase "password: ". By printing the words around the phrase, you could get both the user name and password.
/Aram
More information about the cryptography
mailing list