[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Re: Re: encrypting credentials is done plain wrong

From: Daniel Klima <danklima_at_gmail.com>
Date: Fri, 15 Apr 2011 13:19:43 -0700 (PDT)

> On 15 April 2011 10:13, Daniel Klima <danklima at gmail dot com> wrote:
> >> Hey.
> >>
> >> 15.04.11, 01:07, "Daniel Klima" <danklima at gmail dot com>:
> >> > Dmitry,
> >> >  could you please read Raymond Chen's blog (http://blogs.msdn.com/b/oldnewthing/) and especially series about "on the other side of this airtight hatchway".
> >> >  What you want is not what you get. You won't get security,just obfusction and considering it would be already running on same privlege level as is user's => other and more easier ways to get info you want. And obfuscation and opensource doesn't go well together anyway.
> >>
> >> Okay, I agree to admit that erasing the buffers once they are no longer needed is not Security, but it's Obfuscation and let's only use the word "obfuscation" hereinafter. You're completely right when you say the program doesn't become more secure in classic sense, but still breaking it becomes slightly harder.
> >>
> >> What I was trying to say it makes no sense to store the credentials in encrypted form when they've been previously manipulated using a class like CString because CString won't erase itself and therefore you will have one encrypted copy and numerous unencrypted copies of the credentials. This has nothing to do with security, but that's obfuscation done wrong.
> >>
> >> Bets wishes.
> >> Dmitry.
> >
> > You seem to be confused.
> I don't think so. He never mentioned the hard drive, this is purely
> about in-memory storage.
> > File with passwords on hardrive has to be encrypted as it is longterm storage. THIS IS NOT AN OBFUSCATION BUT BASIC SECURITY MEASURE - you can gain access to hdd even offline and read any arbitrary sector,but access to process memory only as correct user with Debug priviledge or higher.
> >
> > RAM enc is obfuscation,enc of file on drive is not.
> >
> > Is that clear?
> Yes we know all that. You have jumped into the middle of a (long and
> acrimonious) discussion without reading the background, which is here:
> http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2718832
> This is only about obfuscating RAM content, not disk storage which is
> already encrypted.
> Simon

Sorry. Seems I somehow saw harddrive mentioned.Most probably caused by "stored". (And I don't monitor users ML ; maybe when crossing ML boundaries it would be good idea to reference that discussion-OP had only stackoverflow)

However main point is that once Debug priviledge is granted nothig is safe anyway for program/service.

BTW:It looks like Stefan King sent same set links I did... (talk about jumping with already known info)

Would it be possible to revert that code? It doesn't have any purpose,so why to keep it? (and shutting up script kiddies is not purpose ;) )

Anyway,sorry for noise.


To unsubscribe from this discussion, e-mail: [dev-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-15 22:21:01 CEST

This is an archived mail posted to the TortoiseSVN Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.