Re: RSA's SecurPC not-so-"Secur"

New Message Reply About this list Date view Thread view Subject view Author view

Sunder (sunder@brainlink.com)
Tue, 12 May 1998 10:47:40 -0400


Better yet, do this: If I recall correctly, it is possible to start up NT and
tell it to not use all of the memory that it has. That is lie to it. Tell it
you have 60Mb instead of 64. You can then write a ring 0 driver which would
let you access this hidden memory at will unhindered by worries of having it
being paged out.

Other possibilities: write to an SRAM PC Card for which you remove the battery
and have some constant timed process randomly encrypt the cards RAM with a
different key stored in RAM somewhere... Even if the key gets swapped out,
the likelyhood of both the key and the PC card being recovered are much
much lower.

> Instead of trying to avoid paging, which seems to be impossible across Unix/NT
> platforms, why not restrict it to a known secure area through the use of a memory
> mapped file. i.e. set restrictive permissions on your directory and use a mapped
> file within it to hold all sensitive data. At least then when you wipe it you'll know
> for sure your password's never been in swap.

-- 

=====================================Kaos=Keraunos=Kybernetos============== .+.^.+.| Ray Arachelian |Prying open my 3rd eye. So good to see |./|\. ..\|/..|sunder@sundernet.com|you once again. I thought you were |/\|/\ <--*-->| ------------------ |hiding, and you thought that I had run |\/|\/ ../|\..| "A toast to Odin, |away chasing the tail of dogma. I opened|.\|/. .+.v.+.|God of screwdrivers"|my eye and there we were.... |..... ======================= http://www.sundernet.com ==========================


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:17:20 ADT