[171004] in North American Network Operators' Group


Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]

daemon@ATHENA.MIT.EDU (Larry Sheldon)
Mon Apr 14 19:02:49 2014

Date: Mon, 14 Apr 2014 18:02:12 -0500
From: Larry Sheldon <LarrySheldon@cox.net>
To: "nanog@nanog.org" <nanog@nanog.org>
In-Reply-To: <pqfd1n00n1Una3W01qfeB7>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 4/14/2014 9:38 AM, Matthew Black wrote:
> Shouldn't a decent OS scrub RAM and disk sectors before allocating
> them to processes, unless that process enters processor privileged
> mode and sets a call flag? I recall digging through disk sectors on
> RSTS/E to look for passwords and other interesting stuff over 30
> years ago.

I have been out of the loop for quite a while but my strongly held 
belief is that such scrubbing would be an enormous (and intolerable) 
overhead in any but a classified system running up around "secret" or 
higher. (I know of a system in Silicon Valley where they would bring us 
core dumps to print because their system was down so hard.

The dump program would take about a third of a box of fanfold and stack 
it, still blank, as I recall, in the stacker.

Seems like the law of the land was "If you did not set the value, you 
can make no assumptions about it."

-- 
Requiescas in pace o email           Two identifying characteristics
                                         of System Administrators:
Ex turpi causa non oritur actio      Infallibility, and the ability to
                                         learn from their mistakes.
                                           (Adapted from Stephen Pinker)

