Implications of using insecure memory

Aleksandar Milivojevic amilivojevic at pbl.ca
Mon Oct 4 20:27:56 CEST 2004


shatadal at vfemail.net wrote:
> Another poster also talked about getting rid of windows. However I do need to
> run windows from time to time. Also I do not have root access on my linux
> machine (it is used at work). So does that mean that gpg is not for me? Or is
> there anything available which could erase the swap space anytime I want? I
> just looked around in the M$ knowledgebase and it has a workaround to clear the
> pagefile at shutdown. Is that a useful compromise?

For the Linux box, you can ask your sysadmin to install gpg with the setuid bit set.

For Windows and erasing the swap space, it depends on what it actually
does (I'm not a Windows expert).  If the file is simply "deleted" from
the disk and recreated on next boot, nope, it is not sufficient (blocks
where the data is will be unallocated, but data on them will be intact
until something else writes to that part of the disk).  On the other
hand, if it overwrites the content of the swap file with zeros (or does
something similar), then you are kinda safe.  It won't stop an intelligence
agency from recovering the data (see my previous reply), but it will
stop almost anybody else.  So, unless somebody can make millions $$$ out
of your data, most likely nobody will bother to recover it.

If, after setting that registry setting, the time to shut down the machine
becomes much longer, then it is most likely doing the right thing.  Although,
while the machine is running, anything with access to the swap file can read
information from it.  So it is not an ideal solution.  It is kind of in the
middle.

If shutdown time stays almost the same, then it is simply removing the
file (marking the file as deleted), which does not give you any more
security.  In that case setting that registry entry is pointless.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
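
An added example, not part of the original message and not GnuPG's code: a minimal C sketch of what "secure memory" means in this thread, namely a buffer pinned in RAM with mlock() so it cannot reach swap and overwritten before release. The type and function names are hypothetical, and mlock() may fail for an unprivileged process, which is the case the setuid suggestion above addresses.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper type for this example; locked == 0 means swappable. */
typedef struct { unsigned char *buf; size_t len; int locked; } secret_area;

/* Map one private page and try to pin it in RAM so it is never paged out. */
int secret_area_init(secret_area *a)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) return -1;
    a->len = (size_t)page;
    a->buf = mmap(NULL, a->len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (a->buf == MAP_FAILED) { a->buf = NULL; return -1; }
    a->locked = (mlock(a->buf, a->len) == 0);   /* may fail without privilege */
    return 0;
}

/* Overwrite through a volatile pointer so the compiler cannot drop the stores. */
void secret_area_wipe(secret_area *a)
{
    volatile unsigned char *p = a->buf;
    for (size_t i = 0; i < a->len; i++) p[i] = 0;
}

int secret_area_is_clear(const secret_area *a)   /* 1 if every byte is zero */
{
    for (size_t i = 0; i < a->len; i++) if (a->buf[i]) return 0;
    return 1;
}

/* Wipe before unmapping; munmap() also releases the lock on the page. */
int secret_area_destroy(secret_area *a)
{
    secret_area_wipe(a);
    return munmap(a->buf, a->len);
}

int main(void)
{
    secret_area a;
    if (secret_area_init(&a) != 0) return 1;
    memcpy(a.buf, "constructed passphrase", 22);   /* constructed sample secret */
    printf("memory %s\n", a.locked ? "locked" : "NOT locked: may reach swap");
    return secret_area_destroy(&a);
}
```

When the program reports that the page is not locked, the wipe still clears the copy in RAM but cannot reach any copy already written to swap.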


