[35636] in bugtraq
Re: Suggestion: erase data posted to the Web
daemon@ATHENA.MIT.EDU (Nick Lamb)
Thu Jul 8 13:21:14 2004
Date: Thu, 8 Jul 2004 15:00:50 +0100
From: Nick Lamb <njl98r@ecs.soton.ac.uk>
To: BUGTRAQ@securityfocus.com
Message-ID: <20040708140050.GA23181@ecs.soton.ac.uk>
Mail-Followup-To: BUGTRAQ@securityfocus.com
In-Reply-To: <Pine.LNX.4.53.0407071035420.21486@andrew.triumf.ca>
On Wed, Jul 07, 2004 at 11:30:00AM -0700, Andrew Daviel wrote:
> It occurs to me that, while an unprivileged process cannot read system
> memory directly, that a simple allocation of a large chunk of memory might
> get data freed up or abandoned by previously running processes. Certain
> data, such as credit card numbers and SINs, have a predictable pattern
> that a regex such as
> /4530[\s]{0,1}[\d]{4}[\s]{0,1}[\d]{4}[\s]{0,1}[\d]{4}[\s]{0,1}[\d]{4}/
> might easily find.
This won't work on a modern Unix (incl Mac OS X or Linux) or Windows, memory
made available to a process is cleared (usually with zeros, but sometimes
with some magic debug value for reasons that should be obvious to developers).
Of course sometimes there are bugs, but that's the same with any security
critical behaviour in an operating system. If you find such a bug please
report it to your vendor and here on Bugtraq once you're sure.
Nick.
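
The behaviour described in the reply above can be checked on your own system. The following is an added example, not part of the original message: it assumes a POSIX system with mmap() and MAP_ANONYMOUS, and the function names, region size and marker byte are constructed for illustration.

```c
/* Added example (not from the original post). Assumes a POSIX system that
 * provides mmap() with MAP_ANONYMOUS, e.g. Linux or macOS. */
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define REGION (8u * 1024 * 1024)   /* constructed test size: 8 MiB */

/* Map len bytes of fresh anonymous memory and count the non-zero bytes in
 * it. Returns -1 if the mapping could not be created. */
long count_nonzero_fresh(size_t len)
{
    unsigned char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    long nonzero = 0;
    for (size_t i = 0; i < len; i++)
        nonzero += (p[i] != 0);
    munmap(p, len);
    return nonzero;
}

/* Dirty a mapping with a constructed marker byte, hand the pages back to
 * the kernel, then request memory again. Returns the number of non-zero
 * bytes in the new mapping (0 when the kernel clears pages), -1 on error. */
long leftover_after_release(size_t len)
{
    unsigned char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    memset(p, 0xA5, len);           /* stand-in for sensitive data */
    if (munmap(p, len) != 0)
        return -1;
    return count_nonzero_fresh(len);
}

int main(void)
{
    printf("non-zero bytes in fresh mapping:    %ld\n",
           count_nonzero_fresh(REGION));
    printf("non-zero bytes after release/remap: %ld\n",
           leftover_after_release(REGION));
    return 0;
}
```

Both counts should be 0. The check covers pages obtained from the kernel; memory recycled by malloc() inside a single process is not cleared, so code that holds sensitive data still needs to wipe its own buffers before freeing them.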