"John S. Denker" <[EMAIL PROTECTED]> writes: > 1) This topic must be taken seriously. A standard technique > for attacking a system is to request a bunch of memory or > disk space, leave it uninitialized, and see what you've got.
I find that this thread doesn't discuss the threat model behind "expunging" keys, and this statement finally triggered my question. On which systems is all this really an issue, and when? Which operating systems "leak" memory between processes in this way? Which operating systems swap out processes to disk that can be read by non-privileged users? Which operating systems write core dumps that can be read by non-privileged users? My gut feeling tells me that if you can allocate memory on a system, there are easier way to attack it. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
