Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:17:27 ADT
Kriston J. Rehberg (kriston@ibm.net)
Mon, 18 May 1998 12:03:56 -0400
I've always thought of the volume- and file-encryption systems to be
worthwhile protection for data on your system when it is unattended
(ie, "off"), when data is stored (ie, in "offline" storage) or in
transit.
If you are using a volume- and/or file-encryption system and you leave
your system powered on and unattended, or even just locked with a
screen saver overnight, then you are just asking for trouble. Of
course, the private key is kept in memory for these systems. Some of
them burn the key out of memory after a period of system inactivity
and then present a dialog box asking for the passphrase again, after
which time the private key is then re-decrypted and the user can
continue working -- I believe SafeHouse does this but I'm not sure how
the inactivity routine works.
Anyway, whether it is swapped out should be of some concern in a
single-user Windows system, however I believe much can be gained by
having your system automatically wipe the swap file on system
shutdown. I remember a program that used to do this for Windows 3.1
and you can probably find many of these for Windows 95.
I had always thought you could lock memory in core in Windows. But
wouldn't key recovery using the swapfile-scanning method be extremely
difficult?
Regards,
Kris
-- Kriston J. Rehberg AOL: Kriston http://kriston.net/
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:17:27 ADT