[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Re: encrypting credentials is done plain wrong

From: Simon Large <simon.tortoisesvn_at_gmail.com>
Date: Fri, 15 Apr 2011 10:51:27 +0100

On 15 April 2011 10:13, Daniel Klima <danklima_at_gmail.com> wrote:
>> Hey.
>>
>> 15.04.11, 01:07, "Daniel Klima" <danklima at gmail dot com>:
>> > Dmitry,
>> >  could you please read Raymond Chen's blog (http://blogs.msdn.com/b/oldnewthing/) and especially series about "on the other side of this airtight hatchway".
>> >  What you want is not what you get. You won't get security,just obfusction and considering it would be already running on same privlege level as is user's => other and more easier ways to get info you want. And obfuscation and opensource doesn't go well together anyway.
>>
>> Okay, I agree to admit that erasing the buffers once they are no longer needed is not Security, but it's Obfuscation and let's only use the word "obfuscation" hereinafter. You're completely right when you say the program doesn't become more secure in classic sense, but still breaking it becomes slightly harder.
>>
>> What I was trying to say it makes no sense to store the credentials in encrypted form when they've been previously manipulated using a class like CString because CString won't erase itself and therefore you will have one encrypted copy and numerous unencrypted copies of the credentials. This has nothing to do with security, but that's obfuscation done wrong.
>>
>> Bets wishes.
>> Dmitry.
>
> You seem to be confused.

I don't think so. He never mentioned the hard drive, this is purely
about in-memory storage.

> File with passwords on hardrive has to be encrypted as it is longterm storage. THIS IS NOT AN OBFUSCATION BUT BASIC SECURITY MEASURE - you can gain access to hdd even offline and read any arbitrary sector,but access to process memory only as correct user with Debug priviledge or higher.
>
> RAM enc is obfuscation,enc of file on drive is not.
>
> Is that clear?

Yes we know all that. You have jumped into the middle of a (long and
acrimonious) discussion without reading the background, which is here:

http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2718832

This is only about obfuscating RAM content, not disk storage which is
already encrypted.

Simon

-- 
:       ___
:  oo  // \\      "De Chelonian Mobile"
: (_,\/ \_/ \     TortoiseSVN
:   \ \_/_\_/>    The coolest Interface to (Sub)Version Control
:   /_/   \_\     http://tortoisesvn.net
------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=757&dsMessageId=2720075
To unsubscribe from this discussion, e-mail: [dev-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-15 11:51:36 CEST

This is an archived mail posted to the TortoiseSVN Dev mailing list.