Memory forensics

[Werner Koch]

On Fri,  5 Mar 2010 22:30, rjh at sixdemonbag.org said:

> The upshot: we now have an actual demonstration.  The takeaway is that
> you should be very, very careful about hibernating your computer while
> passphrases are cached, or while GnuPG is actively processing a file.

You can protect against this by adding a little bit of code to the
suspend script: Iterate over all active users and run for them the
command "gpgconf --reload agent" or directly send a HUP to all
gpg-agent's.  This will invalidate the caches.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.