EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Swapping memory to disk

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#2638
Posted: 03/28/2007 10:53:39
by Mike Coates (Basic support level)
Joined: 03/28/2007
Posts: 4

Hi,

On recent wanderings around the internet I have noticed a few postings from people concerned about sensitive data being swapped to disk when running apps on a windows platform. Are there any safeguards in place which can prevent this from occuring in SecureBlackboxPGP? I would rather avoid using any kernel32 api functions on a server which runs other processes..!

Kind Regards,

Mike
#2640
Posted: 03/28/2007 11:05:03
by Eugene Mayevski (EldoS Corp.)

Security is as weak as it's weakest link. Memory being swapped to disk (to a pagefile) is far from a weakest link. If the server is running some harmful process, such server is in HUGE trouble by itself, with or without swapping.


Sincerely yours
Eugene Mayevski
#2641
Posted: 03/28/2007 11:15:53
by Mike Coates (Basic support level)
Joined: 03/28/2007
Posts: 4

Thanks again for a very quick reply - I am guessing that is a no then.
I agree, it's certainly not the weakest point of course.
Mitigation of possible security issues is generally a good idea though if possible. I figure playing with win memory management at a reasonably low level is probably not worth the very slight risk involved with some secure data somehow ending up in the swapfile and somehow falling into the wrong hands!
I suppose if need be the whole disk could be encrypted anyway.

Cheers again,

Mike

Reply

Statistics

Topic viewed 1643 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!