| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20051129194146.GB7109@sivokote.iziade.m$> Date: Tue Nov 29 19:39:17 2005 From: guninski at guninski.com (Georgi Guninski) Subject: Google Talk cleartext credentials in process memory On Tue, Nov 29, 2005 at 01:11:47PM -0500, Nasko Oskov wrote: > > If you want to protect the credentials in memory from dumps that go to > Microsoft, why not use CryptProtectMemory() instead of home-grown > obfuscation? This function encrypts the memory with a key that changes > over reboots, so even if you send a dump to MS, they wouldn't know how > to decrypt it. > old people remember the "nsakey micro$oft" fiasco. ------------- http://en.wikipedia.org/wiki/NSAKEY _NSAKEY is a variable name discovered in Windows NT 4 Service Pack 5 (which had been released unstripped of its symbolic debugging data) in August 1999 by Andrew D. Fernandes of Cryptonym Corporation. That variable contained a 1024-bit public key. .... The key is still present in all version of Windows, though it has been renamed "_KEY2." ------------- -- where do you want bill gates to go today?
Powered by blists - more mailing lists