Date: Wed, 27 Feb 2008 00:12:23 +0000 From: RW <fbsd06@mlists.homeunix.com> To: freebsd-hackers@freebsd.org Subject: Re: Zeroing sensitive memory chunks [Was: Security Flaw in Popular Disk Encryption Technologies] Message-ID: <20080227001223.5fa02d7d@gumby.homeunix.com.> In-Reply-To: <F%2Bddaw3xLJM9IaFtZ1gcsmL2rAE@TcVCwvrgYu/k%2BEI2cCTuSb7Kono> References: <20080223010856.7244.qmail@smasher.org> <47C068B5.2090000@thedarkside.nl> <20080223185620.GA98105@eos.sc1.parodius.com> <CHndeNGUDnyFiyFuhzNdulGXPe8@nE9n69L2PrcQKa%2Be6OgU6kZtlVg> <1204051337.47c45d89ea6eb@imp.free.fr> <F%2Bddaw3xLJM9IaFtZ1gcsmL2rAE@TcVCwvrgYu/k%2BEI2cCTuSb7Kono>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 26 Feb 2008 22:49:37 +0300 Eygene Ryabinkin <rea-fbsd@codelabs.ru> wrote: > Yes, Geoff just responded to my private question: it was Peter > Gutmann, who pointed him to the thing you're talking about. There > is a paper by Peter, > http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/ There's an updated copy of this paper on Gutmann's site that points-out that he was writing about devices that were being decommissioned in the early nineties, and that he's sceptical about anything being recovered from modern drives once they have been overwritten - even once. The idea that that forensic scientists use this kind of technique to recover deleted files is a myth. > I still don't understand how cleaning of a memory area will help > to clean the swapped page, but may be there are some systems which > will update the swapped page on the memory access. That shouldn't be an issue since it's easy to encrypt swap with a one-time key. In FreeBSD you simply append .eli to the swap device name in fstab.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080227001223.5fa02d7d>