From: Lew on 15 May 2010 20:58

rossum wrote:
> Security being security you have to assume that the attacker has the
> latest equipment available. IIRC even if you switch the computer off
> if the attacker can get its memory chips into a freezer quickly enough
> the memory may be recoverable for up to 20 minutes.

According to what I've read, stick your sticks in liquid N2 and they're readable for weeks.

<http://en.wikipedia.org/wiki/Data_remanence> which references <http://citp.princeton.edu.nyud.net/pub/coldboot.pdf>

The Wikipedia article claims that data remains in DRAM for "seconds to minutes at room temperature".

--
Lew
From: Daniel Pitts on 16 May 2010 02:14

On 5/15/2010 2:42 PM, markspace wrote:
> rossum wrote:
>> IIRC even if you switch the computer off
>> if the attacker can get its memory chips into a freezer quickly enough
>> the memory may be recoverable for up to 20 minutes.
>
> This is utterly bogus. There's no way any temperature change short of
> (perhaps) absolute zero is going to have any effect on the minuscule
> charge stored inside a d-ram. No way, no how.
>
> And I sincerely doubt that "stand-by" retains any information at all,
> unless it swaps memory out to disc.

Except there has been research into this. Shut-off memory circuits' state decays slowly enough at room temperature, and even slower if blasted by a cold substance (such as turning a can of "canned air" on its head). I read about this in a few places, including Communications of the ACM. I don't have the exact reference handy though.

Anyway, memory doesn't decay 100% in mere seconds. The chance of a particular cell decaying is small enough that a "hacker" can physically retrieve the memory, and easily obtain the information stored in it. However, I would assume that simply setting the value to zero would be good enough.

On the other hand, Java provides no way to guarantee that the contents of an array are not swapped to disk, or loaded into a different page in physical memory. There is nothing you can do from Java (short of JNI) to secure that data.

--
Daniel Pitts' Tech Blog: <http://virtualinfinity.net/wordpress/>
From: Mike Schilling on 16 May 2010 02:48

Daniel Pitts wrote:
> On the other hand, Java provides no way to guarantee that the contents
> of an array are not swapped to disk, or loaded into a different page
> in physical memory. There is nothing you can do from Java (short
> of JNI) to secure that data.

JNI is insufficient in any virtual memory system (which is to say, almost any modern OS), since the same address in virtual memory might correspond to many different physical pages and disk blocks over the course of a program's execution.
From: Patricia Shanahan on 16 May 2010 06:10

Daniel Pitts wrote:
> On 5/15/2010 2:42 PM, markspace wrote:
>> rossum wrote:
>>> IIRC even if you switch the computer off
>>> if the attacker can get its memory chips into a freezer quickly enough
>>> the memory may be recoverable for up to 20 minutes.
>>
>> This is utterly bogus. There's no way any temperature change short of
>> (perhaps) absolute zero is going to have any effect on the minuscule
>> charge stored inside a d-ram. No way, no how.
>>
>> And I sincerely doubt that "stand-by" retains any information at all,
>> unless it swaps memory out to disc.
>
> Except there has been research into this. Shut-off memory circuits'
> state decays slowly enough at room temperature, and even slower if
> blasted by a cold substance (such as turning a can of "canned air" on
> its head). I read about this in a few places, including Communications
> of the ACM. I don't have the exact reference handy though.

See http://www.zdnet.com/blog/security/cryogenically-frozen-ram-bypasses-all-disk-encryption-methods/900

I've also heard a talk on this subject, and have some practical experience with DRAM going on working briefly even with refresh disabled.

Patricia
From: Tom Anderson on 16 May 2010 06:31

On Sat, 15 May 2010, Mike Schilling wrote:
> Daniel Pitts wrote:
>> On the other hand, Java provides no way to guarantee that the contents
>> of an array are not swapped to disk, or loaded into a different page in
>> physical memory. There is nothing you can do from Java (short of
>> JNI) to secure that data.
>
> JNI is insufficient in any virtual memory system (which is to say,
> almost any modern OS), since the same address in virtual memory might
> correspond to many different physical pages and disk blocks over the
> course of a program's execution.

If you take 'JNI' to mean 'JNI used merely to manage a native buffer', then yes, but if it means 'JNI used to access the OS's routines for managing sensitive data, intended to deal specifically with this situation', then no.

tom

--
eviscerated by obfuscation |
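The native half of what Tom describes, written as an added example for this thread rather than code from any poster: a buffer pinned with the OS's mlock() so its pages stay out of swap (Mike's objection), and zeroed on release in a way the optimizer cannot drop (Daniel's "set it to zero"). It assumes a POSIX system and leaves out the JNI glue that would expose these functions to Java.

```c
#include <stddef.h>
#include <stdlib.h>
#include <sys/mman.h>

/* A secret kept in heap memory that is pinned with mlock() so it is not
 * paged to disk and is wiped before release. Assumed for this example:
 * a POSIX system; the JNI glue that would call this from Java is omitted. */
struct secret {
    unsigned char *buf;
    size_t len;
    int locked;  /* 1 if mlock() succeeded, 0 if refused (e.g. RLIMIT_MEMLOCK) */
};

/* Zero through a volatile pointer so the compiler cannot discard the
 * stores as dead writes to memory that is about to be freed. */
void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) *vp++ = 0;
}

int secret_alloc(struct secret *s, size_t len)
{
    s->buf = malloc(len);
    if (s->buf == NULL)
        return -1;
    s->len = len;
    /* mlock() keeps the pages out of swap; it does nothing against a
     * cold-boot read of the DRAM itself, which is the thread's other point. */
    s->locked = (mlock(s->buf, len) == 0) ? 1 : 0;
    return 0;
}

void secret_free(struct secret *s)
{
    if (s->buf == NULL)
        return;
    secure_wipe(s->buf, s->len);  /* zero before the page can be reused */
    if (s->locked)
        munlock(s->buf, s->len);
    free(s->buf);
    s->buf = NULL; s->len = 0; s->locked = 0;
}

/* 1 if every byte of p[0..n) is zero; used to verify a wipe. */
int all_zero(const unsigned char *p, size_t n)
{
    unsigned char acc = 0;
    while (n--) acc |= *p++;
    return acc == 0;
}
```

A locked allocation can still be refused by the kernel's memlock limit, which is why `locked` is recorded rather than assumed; the wipe runs either way.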