Perspectives-Server icon indicating copy to clipboard operation
Perspectives-Server copied to clipboard
verified publisher icon danwent

Overwrite sensitive memory

Open daveschaefer opened this issue 11 years ago • 2 comments

While sensitive data stored in memory can never be truly safe on an untrusted system, especially in python with immutable strings, garbage collection algorithms, et cetera, we could take steps to enhance our current treatment of sensitive information.

Notary server code could track any strings that contain sensitive information, and overwrite them with e.g. zeros once they are no longer needed or if the notary shuts down. This would be better than doing nothing.

daveschaefer avatar Apr 09 '14 05:04 daveschaefer

I have some draft code that would work for this in cpython implementations. It may not work in other implementations.

daveschaefer avatar Apr 09 '14 05:04 daveschaefer

It seems to be useless, and let me explain why. There are some sensitive dada - indeed, there are some other processes on servers - true, but if your potential opponent can take over even the garbage collection of the language or os - it means that he has root privileges. And it means there's no way to stop him from obtaining an information he needs.

netsafe avatar Jun 26 '15 11:06 netsafe