A modified version of GnuPG

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu May 23 05:17:01 CEST 2002

"Max V. Zinal" <Zlat0 at mail.ru> writes:

>When I said "secure memory" I was going to say "VirtualLock under Windows
>NT/2000/XP", which keeps you absolutely safe unless you have a Terminal Server
>with an evil-minded admin, or remote desktop connection with 'Debug'


>if we are talking about Win9x/ME (which should be called 'Mustdie Edition', I
>think), even with VirtualLock you cannot be absolutely shure.

VirtualLock() has anything from a marginal chance of preventing swapping (best-
case) to a chance of greatly increasing swapping (worst-case).  Under Win9x it
does nothing at all (it's a no-op).  It's nothing like "absolutely safe".  See
e.g. http://www.cryptoapps.com/~peter/06_random.pdf, somewhere towards the end.


More information about the Gnupg-devel mailing list