Full Disclosure mailing list archives
Re: Google Talk cleartext credentials in process memory
From: Jaroslaw Sajko <sloik () parareal net>
Date: Tue, 29 Nov 2005 19:49:03 +0100
Nasko Oskov wrote:
If you want to protect the credentials in memory from dumps that go to Microsoft, why not use CryptProtectMemory() instead of home-grown obfuscation? This function encrypts the memory with a key that changes over reboots, so even if you send a dump to MS, they wouldn't know how to decrypt it.
Yes, it is possible. regards, js _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Google Talk cleartext credentials in process memory pagvac (Nov 28)
- Re: Google Talk cleartext credentials in process memory Jaroslaw Sajko (Nov 29)
- Re: Google Talk cleartext credentials in process memory 6ackpace (Nov 29)
- Message not available
- Re: Google Talk cleartext credentials in process memory pagvac (Nov 29)
- Re: Google Talk cleartext credentials in process memory 6ackpace (Nov 29)
- Message not available
- Re: Google Talk cleartext credentials in process memory pagvac (Nov 29)
- Re: Google Talk cleartext credentials in process memory Stelian Ene (Nov 29)
- Re: Google Talk cleartext credentials in process memory Jaroslaw Sajko (Nov 29)
- Message not available
- Re: Google Talk cleartext credentials in process memory Jaroslaw Sajko (Nov 29)
- Re: Google Talk cleartext credentials in process memory Nasko Oskov (Nov 29)
- Re: Google Talk cleartext credentials in process memory Jaroslaw Sajko (Nov 29)
- Re: Google Talk cleartext credentials in process memory Georgi Guninski (Nov 29)
- Re: Google Talk cleartext credentials in process memory Kurt Grutzmacher (Nov 29)
- Re: Google Talk cleartext credentials in processmemory Brian Dessent (Nov 29)
- Re: Google Talk cleartext credentials in processmemory Kurt Grutzmacher (Nov 30)
- Re: Re: Google Talk cleartext credentials in processmemory pagvac (Nov 29)