A modified version of GnuPG

Max V. Zinal Zlat0 at mail.ru
Tue May 21 20:40:01 CEST 2002

Tuesday, May 21, 2002, 8:21:18 AM, Peter Gutmann wrote:

PG> Could you explain what you mean by "secure memory"?  There are a variety of
PG> interpretations possible, some erroneous (in general the term "secure memory"
PG> is an oxymoron in an OS which has functions like VirtualProtect() and
PG> ReadProcessMemory(), so a bit more detail would be useful).

When I said "secure memory" I was going to say "VirtualLock under
Windows  NT/2000/XP",  which keeps you absolutely safe unless you
have  a  Terminal  Server  with  an  evil-minded admin, or remote
desktop    connection    with    'Debug' privileges.

As  you  know,  most  of  old  and modern OSes have no protection
against  a  person that has administrative rights. Linux, Windows
or  something  else  -  'a  good admin means a long life'. Any OS
which  allows a programmer to use debug facility may be unsecure.
Of  course,  if  we  are  talking about Win9x/ME (which should be
called  'Mustdie  Edition',  I  think), even with VirtualLock you
cannot be absolutely shure.

I have e-mailed my modifications to
        Timo Schulz <twoaday at freakmail.de>
who said he would like to receive them.

Sorry for unexcellent English.

Best regards,
 Max V. Zinal

More information about the Gnupg-devel mailing list