On Mon, Jan 22, 2001 at 05:28:50PM -0800, Ryan Russell wrote:

> Due to some mail trouble, I'm manually forwarding this note.

> From:   Microsoft Security Response Center

> Subject:        Re: BugTraq: EFS Win 2000 flaw

>          "... it is recommended that it is always better to start by creating
> an empty encrypted folder and creating files directly in that folder.
> Doing so, ensures that plaintext bits of that file never get saved
> anywhere on the disk. It also has a better performance as EFS does
> not need to create a backup and then delete the backup, etc."

Bits _never_ get written to the disk? Guaranteed never to use swap space?

The GnuPG FAQ (http://www.gnupg.org/faq.html#q6.1) suggests that it is
not possible to make a Windows program insist on physical RAM the way a
program can in Open Systems. Does EFS really use only physical RAM? If
so, is there some win32 API that can be used by other application designers
who want to guarantee that certain blocks of allocated memory are *never*
swapped out to disk? The most likely candidate I've come across is
VirtualLock() which, unfortunately, "does not mean that the page will not be
paged to disk" (http://msdn.microsoft.com/library/techart/msdn_virtmm.htm).



Reply via email to