Implications of using insecure memory
shatadal at vfemail.net
shatadal at vfemail.net
Mon Oct 4 04:56:32 CEST 2004
Quoting Atom 'Smasher' <atom at suspicious.org>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On Sat, 2 Oct 2004 shatadal at vfemail.net wrote:
>
> > As a new user I want to know what are the implications of using gpg with
> > insecure memory in windows and linux, how serious are they and what
> > steps can I take to improve security? Does insecure memory mean that I
> > should not use gpg on sych systems?
> =================
>
> it means that sensitive information, such as a passphrase or secret key
> *might* be written to a disk swap space. if that happens, and someone
> stole your HD, they could search the disk and maybe find something that
> could compromise your key.
>
> i dunno about windoze, but on *nix you can solve this by setuid-ing the
> gpg binary... that would force it to only use secure memory (RAM) and not
> write to disk swap.
>
>
> ...atom
<snip>
I use windows. Does that mean that I should not use gpg on windows? Or should I
install some utility to wipe the disc swap space and use it every time after I
have used gpg? Could you point me to any program which does this?
-------------------------------------------------
This mail sent through Virus Free Email
http://www.vfemail.net
More information about the Gnupg-users
mailing list