>> Simple example: There's no way in pure Java that I can lock a >> process in memory. Wrt this list, that has a lot of security >> ramifications especially on shared processors. Sure makes hiding >> secrets a lot harder. > Please explain that issue.
It makes it impossible to keep things like crypto keys out of swap space. (Looking through swap space is a relatively well-known forensic technique for finding things like crypto keys or passwords.) /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML [EMAIL PROTECTED] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
