What happens to my data in RAM after my app closes?

2

1

"Consider the following scenario:

  1. User launches MyApp.
  2. User closes MyApp.
  3. User launches SomeOtherApp.

My question: If SomeOtherApp also dynamically allocates memory is it possible that one of the buffers returned by the OS will contain the sensitive data placed there by the (now closed) invocation of MyApp?

Or are the contents of RAM treated as part of the sandbox in which an app runs?"

Someone asked me that question recently and now I am intrigued. What does happen to the RAM once the program or app closes? Will any data be retained by a buffer, or will there be any references to the data in RAM even after the program closes?

Main reson for this question is regarding security concerns, lets say someone collects data from a remote server and displays it using a custom program. Once that program closes, I want to make sure that nothing can access the data that I was displaying from the remote DB.

I am mostly concerned with apps in regard to iPhones and other smart phones, but RAM is RAM and I think that it would apply to most other fields.

CaptJak

Posted 2013-07-18T14:32:16.430

Reputation: 168

in Windows there is Zero Page Thread which zeros all memory before it will be used again: http://blogs.msdn.com/b/tims/archive/2010/10/29/pdc10-mysteries-of-windows-memory-management-revealed-part-two.aspx I have no idea if MacOS/iOS have something similar.

– magicandre1981 – 2013-07-18T15:36:02.753

:P (bleh windows...) OK. Thanks for that, good to keep in mind! – CaptJak – 2013-07-18T15:39:28.340

Answers

1

If you don't explicitly or implicitly clear the memory before you release it, it will retain the data stored within it.

When you allocate a certain amount of memory, it might have the data in it that was left there by a previous process (or another part of your application). If no process held that memory area since boot, then the area is most likely empty (meaning, it contains only zeros).

This is why people will often zero out memory they have just allocated (to avoid having the previous garbage data mess with their program logic).

In some frameworks, there might be special data types that make sure to zero out their allocated memory upon destruction. On such example is the .NET SecureString.

That being said, the programming platform you use or the operating systems memory manager could decide that zeroing out memory should always happen. So it really depends on your environment.

Related

Der Hochstapler

Posted 2013-07-18T14:32:16.430

Reputation: 77 228

Sorry for the short answer. I'm on mobile :-P – Der Hochstapler – 2013-07-18T14:46:20.663

I get it. Do you have any data in regards iOS, or should I migrate back to my home in Stack Overflow? – CaptJak – 2013-07-18T14:47:53.403

I can give a more complete answer later – Der Hochstapler – 2013-07-18T14:52:01.767

OK, I'll wait around. – CaptJak – 2013-07-18T14:54:45.620

0

Memory is simply another resource that is managed by the OS. As a result, the behavior of the OS is what you are interested in. In some environments, programs are allowed to access ANY part of memory, meaning that if MyApp did not wipe out the memory contents (by writing 0's to all memory locations it occupied) it is, theoretically, possible for SomeOtherApp to access that information.

In reality, most "modern" environments will prevent this behavior, and cause a program to either crash (if I'm not mistaken, Windows has this "feature") or have strange behavior. This is the reason that pointers SHOULD always be initialized to either NULL or some useful value.

In short, to answer your question, it depends.

Alexandros Katechis

Posted 2013-07-18T14:32:16.430

Reputation: 101

Nice, thanks for the complete answer (love your windows thrashing :D). Do you have any data on this in regards iOS? – CaptJak – 2013-07-18T14:49:01.283

0

Back in the day, programmers who dynamically allocated memory would also need to "free" it, along with closely monitor their program to ensure there were no memory leaks which would cause the memory which was being used by the program to just sit around and hog space long after the user was done using the program.

One of the roles of modern operating systems is to manage this memory effectively, and to detect when there are memory leaks, and to correct the issue. So once a program is closed by a user, the OS will free up all of the memory used by the program and allow other programs to access it. Obviously there are always flaws with computer design so this doesn't happen 100% of the time, but the average user will not notice.

Why did you have to restart your computer when it was unusually slow? To clear the RAM. This principle still holds today but isn't as effective as it was in the past due to the above reasons.

halligan26

Posted 2013-07-18T14:32:16.430

Reputation: 341

Yes, thank you. I understand how RAM works, but I don't know what happens to the data that was in the RAM. Is any part of it retained? I know that other programs will access the RAM once it is freed, but is their any trace left of the data? (BTW if you write in C and a few other languages, you still have to manually allocate and deallocate the memory...) – CaptJak – 2013-07-18T15:32:49.773

Thanks to modern operating systems the whole dynamically freeing is good practice, but not required, as the OS will clear it out. The RAM memory should theoretically be cleared after exiting. But that's as far as my knowledge goes, especially when it comes to mobile devices. – halligan26 – 2013-07-18T15:39:12.263

0

It looks like the same when a file is deleted, still remains and the 'area' marked as free. If high security is needed then OS or application wipes the data.

Nime Cloud

Posted 2013-07-18T14:32:16.430

Reputation: 923

Asked: 2013-07-18T14:32:16.430

Viewed: 986 times

Active: 2014-03-25T07:25:13.840