On Tue, Nov 29, 2005 at 11:57:00AM +0100, Jaroslaw Sajko wrote: > pagvac wrote: > > Jaroslaw, > > > > thanks for your post. You're right, the same issue occurs in *many* > > applications. However, any vendor that is serious about security will > > at least attempt to obfuscate the credentials in memory (IMHO). > > Thanks for your post too. I think you're right that obfuscation can help > in some cases. Sometimes the plaintext credentials goes to the Microsoft > as the part of the crash report. Then if the cerdentials are obfuscated, > in a correct way, we can prevent Microsoft from collecting our > credentials. To prevent an attacker from reading credentialas from > process memory dump we need more complicated mechanism (the dump > contains all data & code). Therefore cost of implementing the correct > obfuscation might be uncomparable with the risk of the credential lost > in such manner. That's why I think the obfuscation isn't necessary. But > this is of course only my opinion:] If you want to protect the credentials in memory from dumps that go to Microsoft, why not use CryptProtectMemory() instead of home-grown obfuscation? This function encrypts the memory with a key that changes over reboots, so even if you send a dump to MS, they wouldn't know how to decrypt it.
-- Nasko Oskov "A hacker does for love what others would not do for money." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
