Simon R Knight (srk@tcp.co.uk)
Thu, 18 Jun 1998 01:54:00 0000
On 18 Jun 98 at 10:53, Chris Wedgwood wrote:
> On Wed, Jun 17, 1998 at 09:12:50PM +0000, Simon R Knight wrote:
>
> > Do you know if the situation is different with page or segment locks?
>
> AFAIK there is presently no way using the Win16/Win32 APIs to mark memory as
> non-pageable.
:(
<snip>
> This is actually a wider issue than data just being paged out. Peter Gutmann
> wrote a paper on data erasure/data persistence which makes for good reading.
> Check http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html for more
> details.
Yes, I have this paper ... it does make very good reading! It was
this paper which introduced me to the possibility of bit flipping
sensitive data in physical memory, but until data can be reliably
locked/fixed/pinned in position, the technique can't be applied. Not
that any government agency is going to crash in ... rip out my
users' motherboards, and quickly scan for fading bit remanence anyway.
> > I can devise a series of procedures that will monitor what actually occurs
> > in memory under the different Windows operating systems and modes, but if
> > a paper (or papers) already exist in the public domain, then I would
> > prefer to study these first.
>
> Monitoring the system probably isn't good enough. In fact, it's likely doomed
> to fail under some circumstances, mainly because any user can set their
> process priority to be real time (or very near so for NT4 SP1 and later).
No ... what I meant was to monitor what occurs in memory before
implementing such "locking" functions, although the
possibility for locking data appears more uncertain than ever.
Simon R Knight