[[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]
Seth David Schoen
schoen at loyalty.org
Mon Apr 14 23:55:03 UTC 2014
Larry Sheldon writes:
> On 4/14/2014 9:38 AM, Matthew Black wrote:
> >Shouldn't a decent OS scrub RAM and disk sectors before allocating
> >them to processes, unless that process enters processor privileged
> >mode and sets a call flag? I recall digging through disk sectors on
> >RSTS/E to look for passwords and other interesting stuff over 30
> >years ago.
>
> I have been out of the loop for quite a while but my strongly held
> belief is that such scrubbing would be an enormous (and intolerable)
> overhead in any but a classified system running up around "secret"
> or higher. (I know of a system in Silicon Valley where they would
> bring us core dumps to print because their system was down so hard.
In 2005, Stanford researchers "found that with careful design and
implementation, secure deallocation can be accomplished with minimal
overhead (roughly 1% for most workloads)".
https://www.usenix.org/legacy/events/sec05/tech/full_papers/chow/chow.pdf
This is for the RAM case rather than the disk case; maybe disk is worse
because writes are more expensive.
--
Seth David Schoen <schoen at loyalty.org> | No haiku patents
http://www.loyalty.org/~schoen/ | means I've no incentive to
FD9A6AA28193A9F03D4BF4ADC11B36DC9C7DD150 | -- Don Marti
More information about the NANOG
mailing list