Simon R Knight (srk@tcp.co.uk)
Thu, 18 Jun 1998 14:04:07 0000
On 18 Jun 98 at 10:53, Chris Wedgwood wrote:
> On Wed, Jun 17, 1998 at 09:12:50PM +0000, Simon R Knight wrote:
>
> > Do you know if the situation is different with page or segment
> > locks?
>
> AFAIK there is presently no way using the Win16/Win32 APIs to mark
> memory as non-pagable.
:(
<snip>
> This is actually a wider issue than data just being paged out, Peter
> Gutmann wrote a paper on data erasure/data persistence which makes
> for good reading. Check
> http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html for more
> details.
Yes, I have this paper ... it does make very good reading! It was
this paper which introduced me to the possibility of bit flipping
sensitive data in physical memory, but until data can be reliably
locked/fixed/pinned in position, the technique can't be applied. Not
that any government agency is going to crash in ... rip out my users'
motherboards, and quickly scan for fading bit remanence anyway.
> > I can devise a series of procedures that will monitor what
> > actually occurs in memory under the different Windows operating
> > systems and modes, but if a paper (or papers) already exist in the
> > public domain, then I would prefer to study these first.
>
> Monitoring the system probably isn't good enough. In fact, it's
> likely doomed to fail under some circumstances, mainly because any
> user can set their process priority to be real time (or very near so
> for NT4 SP1 and later).
Ah ... what I meant was monitor what occurs in memory before
implementing such "locking" functions, although the
possibility for locking data appears more uncertain than ever.
Simon R Knight
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:18:39 ADT