[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Re: encrypting credentials is done plain wrong

From: Daniel Klima <danklima_at_gmail.com>
Date: Fri, 15 Apr 2011 02:13:31 -0700 (PDT)

> Hey.
>
> 15.04.11, 01:07, "Daniel Klima" <danklima at gmail dot com>:
> > Dmitry,
> > could you please read Raymond Chen's blog (http://blogs.msdn.com/b/oldnewthing/) and especially series about "on the other side of this airtight hatchway".
> > What you want is not what you get. You won't get security,just obfusction and considering it would be already running on same privlege level as is user's => other and more easier ways to get info you want. And obfuscation and opensource doesn't go well together anyway.
>
> Okay, I agree to admit that erasing the buffers once they are no longer needed is not Security, but it's Obfuscation and let's only use the word "obfuscation" hereinafter. You're completely right when you say the program doesn't become more secure in classic sense, but still breaking it becomes slightly harder.
>
> What I was trying to say it makes no sense to store the credentials in encrypted form when they've been previously manipulated using a class like CString because CString won't erase itself and therefore you will have one encrypted copy and numerous unencrypted copies of the credentials. This has nothing to do with security, but that's obfuscation done wrong.
>
> Bets wishes.
> Dmitry.

You seem to be confused.
File with passwords on hardrive has to be encrypted as it is longterm storage. THIS IS NOT AN OBFUSCATION BUT BASIC SECURITY MEASURE - you can gain access to hdd even offline and read any arbitrary sector,but access to process memory only as correct user with Debug priviledge or higher.

RAM enc is obfuscation,enc of file on drive is not.

Is that clear?

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=757&dsMessageId=2720070

To unsubscribe from this discussion, e-mail: [dev-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-15 11:36:44 CEST

This is an archived mail posted to the TortoiseSVN Dev mailing list.