[p2p-hackers] amicima MFP and crypto upgrades
David Barrett
dbarrett at quinthar.com
Sat Dec 17 23:00:40 UTC 2005
On Sat, 17 Dec 2005 1:58 pm, coderman wrote:
> On 12/17/05, Matthew Kaufman <matthew at matthew.at> wrote:
>> ...
>> 2. We've significantly upgraded the "MFP defcrypto" default
>> cryptographic
>> plug-in.
>
> i forgot to mention this previously but it is always a good idea to
> lock memory pages where key material and cipher state resides.
I'm not sure I follow how this helps: who is it protecting against? If
you don't want the user to get access to cipher info, requiring root
access isn't much of a barrier (any hacker will have root on his own
box). And one user can't access the memory of another user's
processes. I'm not disputing the technique, I just don't understand
when to apply it.
For example, just the other day I was interviewing a candidate (did I
mention we are hiring?) who aggregates poker stats on other players.
Despite all sorts of clever on-the-wire encryption, he just figured out
where all the stats are kept in plaintext in memory and tapped into
that. Doh!
Ultimately, it's never a good idea to send data to a client that you
don't want to fall into the wrong hands. Memory protection might stop a
non-root user from accessing his own memory, but this seems like a
boundary case (unless I'm misunderstanding it).
-david
More information about the P2p-hackers
mailing list