Highest Voted 'memory' Questions - IT Security Stack Exchange

468

votes

13 answers

Are passwords stored in memory safe?

I just realized that, in any language, when you save a password in a variable, it is stored as plain text in the memory. I think the OS does its job and forbids processes from accessing each other's allocated memory. But I also think this is somehow…

passwords operating-systems memory

asked Jan 14 '13 at 19:30

Antoine Pinsard

4,597
4
15
27

67

votes

7 answers

Can RAM retain data after removal?

Is it possible for RAM to retain any data after power is removed? I don't mean within a few minutes such as cold boot Attacks but rather 24 hours plus. Working with classified systems the policy always seems to treat RAM the same as disks and must…

hardware memory data-recovery

asked Sep 09 '15 at 16:45

MattP

773
1
6
7

66

votes

3 answers

Are the sticks of RAM in my desktop computer volatile? Is it safe to sell them?

I have two sticks of RAM in my computer that I would like to sell or donate. From what I understand some RAM is volatile, losing all its contents when power is gone for a few minutes, and some is non-volatile, retaining that information after power…

forensics memory

asked Feb 04 '21 at 11:47

user250432

62

votes

15 answers

Emergency method to erase all data off a machine within seconds

Imagine you are carrying highly sensitive information with you, maybe on a mission in a war zone. You get in an ambush and quickly need to erase all the files before they fall in the wrong hands. This has to happen within seconds. What devices are…

hardware physical memory

asked Jul 22 '20 at 10:08

user238815

54

votes

3 answers

What is the benefit of having a cryptographically secure hash algorithm in hashmaps?

I recently read the Rust language documentation and saw this: By default, HashMap uses a cryptographically secure hashing function that can provide resistance to Denial of Service (DoS) attacks. This is not the fastest hashing algorithm available,…

hash memory rust

asked Oct 05 '18 at 12:42

Greaka

643
5
9

53

votes

5 answers

environment variable accessibility in Linux

Perhaps this is a trivial question, but how accessible are environment variables in Linux between different users? e.g. if Alice executes export FAVORITE_FOOD=`cat /home/alice/fav_food.txt` Can Eve tell what's Alice's favourite food? (Assuming both…

linux memory

asked Apr 20 '12 at 17:47

Yoav Aner

5,299
3
24
37

53

votes

4 answers

Old OS memory space protection - was it really that bad?

In his book Security Engineering, Anderson really focuses on how in the 90s and early 2000s programs would need to access memory that wasn't their own, and programmers programmed with the assumption the program would be run with administrative…

operating-systems memory c

asked Dec 08 '15 at 11:04

Celeritas

10,039
22
77
144

47

votes

9 answers

How to prevent a hosting company from accessing a VM's encryption keys?

I want to prevent potential theft of my web application (source code + database) by my local hosting company, that I don't fully trust for some reason (but have no other choice but to use as they give, by far, the best latency over here). I'm…

encryption disk-encryption memory cold-boot-attack

asked Aug 26 '19 at 09:03

BenMorel

909
1
7
13

30

votes

7 answers

Why encrypt data in memory?

I saw that KeePass not only encrypts its password-database-file, it also can encrypt the passwords it holds in memory. This is just an example. I thinking of a new project dealing with sensitve / personal data and now I ask myself if I should…

encryption memory confidentiality virtual-memory

asked Sep 18 '12 at 08:32

user573215

443
1
4
5

29

votes

5 answers

OS with encrypted RAM?

Are there any applications, JIT frameworks or operating systems that focus on encrypted virtual memory, or perhaps virtual machines that do something similar? I know there are processors (albeit old, slow and weak) that allow for systems that are…

cryptography encryption operating-systems memory

asked Oct 20 '11 at 18:29

Polynomial

132,208
43
298
379

28

votes

1 answer

DMA attacks despite IOMMU isolation

If you're already familiar with PCI behavior and Linux's handling of DMA buffers, skip to the third section for my actual question. Otherwise read on for a small summary of how PCI devices perform memory accesses, and how the kernel handles…

linux hardware memory kernel dma-attack

asked Jan 02 '18 at 11:41

forest

64,616
20
206
257

28

votes

5 answers

Recover the prior contents of RAM from a turned-off PC?

I've heard that if your PC is turned off, then an attacker can recover the RAM from the last session. I find this hard to believe. How could it be done?

hardware data-leakage memory

asked Jan 13 '12 at 12:50

wisdom

457
1
5
8

25

votes

2 answers

Is there a way to make the browser remove the login-password from it's memory immediately, like Chrome seems to do on accounts.google.com?

I did some testing, and found that a memory dump of Chrome doesn't hold the password of gmail.com/Google after logging in to that site (the login happens on accounts.google.com). (My System is Windows 10 64bit Professional, Chrome 60). I can find…

passwords chrome memory html

asked Sep 23 '17 at 07:21

Martin Fürholz

795
9
21

23

votes

5 answers

Memory dumping Android

I need to evaluate the security of a cryptographic library. In particular I am targeting a part of the library where I believe the private key is exposed for a limited time in the RAM. Any ideas or pointers on how to go about checking the RAM for…

android memory

asked Jul 02 '14 at 14:07

4oxer

601
1
4
9

22

votes

1 answer

Is assigning decrypted keys to a variable in application secure?

Let's say I've retrieved an encrypted secret key from the server. I decrypt it to get the actual secret key, assign the decrypted key to a variable in my app. Something along this: const encryptedKey = fetchKeyFromServer(); const secretKey =…

appsec key-management memory key

asked May 10 '17 at 05:35

xenon

355
3
7

Questions tagged [memory]