Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]

[Glen Wiley <glen.wiley () gmail com>]

On 04/15/2014 09:56 AM, Matthew Black wrote:
> From: Doug Barton [mailto:dougb () dougbarton us] 
> > When you say "clear the disk allocated to programs" what do you mean
> > exactly?
>
> Seriously? When files are deleted, their sectors are simply released to the free space pool without erasing their 
> contents. Allocation of disk sectors without clearing them gives users/programs access to file contents previously 
> stored by other users/programs.
>
> As to why this is a problem, well, as they write in some math textbooks, the answer is trivial and left as an 
> exercise to the reader. Well, usually trivial.
>
> matthew black
> california state university, long beach

Bruce Schneier gave a plug for bleachbit - it does a reasonable job of
trying to clean things up for you.

> -----Original Message-----
> From: Doug Barton [mailto:dougb () dougbarton us] 
> Sent: Monday, April 14, 2014 7:48 PM
> To: nanog () nanog org
> Subject: Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]
>
> On 04/14/2014 05:50 PM, John Levine wrote:
> > In article <534C68F4.305 () cox net> you write:
> > > On 4/14/2014 9:38 AM, Matthew Black wrote:
> > > > Shouldn't a decent OS scrub RAM and disk sectors before allocating
> > > > them to processes, unless that process enters processor privileged
> > > > mode and sets a call flag? I recall digging through disk sectors on
> > > > RSTS/E to look for passwords and other interesting stuff over 30
> > > > years ago.
> > >
> > > I have been out of the loop for quite a while but my strongly held
> > > belief is that such scrubbing would be an enormous (and intolerable)
> > > overhead ...
> >
> > It must be quite a while.  Unix systems have routinely cleared the RAM
> > and disk allocated to programs since the earliest days.
>
> When you say "clear the disk allocated to programs" what do you mean 
> exactly?

-- 
Glen Wiley
KK4SFV