Re: Credentials held unencrypted in memory during runtime

On Mon, Apr 11, 2011 at 1:26 PM, Stefan Küng <tortoisesvn_at_gmail.com> wrote:
> On 11.04.2011 19:15, Feldhacker, Chris wrote:
>> return sensitive data in mutable character arrays rather than
>> immutable types specifically so the data can be overwritten as soon
>> as it's no longer needed to avoid having sensitive data left floating
>> around memory...
>
> All this issue really is, is that 'security by obscurity' might be
> compromised, but that's no security at all.

No, it is reducing the window of vulnerability. Once the data is
overwritten, no one can read it. Yes, it is readable while it is being
used, but once the data is no longer needed, overwriting it closes the
vulnerability.

No means of protection is anywhere near perfect, therefore it is
essential to provide multiple layers of protection.

Security is everyone's responsibility, not just the OS.

BTW, I have seen a lot of incredibly stupid security measures that
truly do rely on obscurity. Amoung other things, my job includes
implementing mechanisms to both protect the software the software I
help create and to make it harder for third parties to subvert our
field upgrade capabilities to install their software in my employer's
products. It is a huge challenge.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2719120

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-04-12 17:11:50 CEST