A modified version of GnuPG
Max V. Zinal
Zlat0 at mail.ru
Tue May 21 20:40:01 CEST 2002
Tuesday, May 21, 2002, 8:21:18 AM, Peter Gutmann wrote:
PG> Could you explain what you mean by "secure memory"? There are a variety of
PG> interpretations possible, some erroneous (in general the term "secure memory"
PG> is an oxymoron in an OS which has functions like VirtualProtect() and
PG> ReadProcessMemory(), so a bit more detail would be useful).
When I said "secure memory" I was going to say "VirtualLock under
Windows NT/2000/XP", which keeps you absolutely safe unless you
have a Terminal Server with an evil-minded admin, or remote
desktop connection with 'Debug' privileges.
As you know, most of old and modern OSes have no protection
against a person that has administrative rights. Linux, Windows
or something else - 'a good admin means a long life'. Any OS
which allows a programmer to use debug facility may be unsecure.
Of course, if we are talking about Win9x/ME (which should be
called 'Mustdie Edition', I think), even with VirtualLock you
cannot be absolutely shure.
I have e-mailed my modifications to
Timo Schulz <twoaday at freakmail.de>
who said he would like to receive them.
Sorry for unexcellent English.
Max V. Zinal
More information about the Gnupg-devel