nanog mailing list archives
Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]
From: Larry Sheldon <LarrySheldon () cox net>
Date: Mon, 14 Apr 2014 18:02:12 -0500
On 4/14/2014 9:38 AM, Matthew Black wrote:
Shouldn't a decent OS scrub RAM and disk sectors before allocating them to processes, unless that process enters processor privileged mode and sets a call flag? I recall digging through disk sectors on RSTS/E to look for passwords and other interesting stuff over 30 years ago.
I have been out of the loop for quite a while but my strongly held belief is that such scrubbing would be an enormous (and intolerable) overhead in any but a classified system running up around "secret" or higher. (I know of a system in Silicon Valley where they would bring us core dumps to print because their system was down so hard.
The dump program would take about a third of a box of fanfold and stack it, still blank, as I recall, in the stacker.
Seems like the law of the land was "If you did not set the value, you can make no assumptions about it."
-- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actio Infallibility, and the ability to learn from their mistakes. (Adapted from Stephen Pinker)
Current thread:
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years], (continued)
- Message not available
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Larry Sheldon (Apr 14)
- Message not available
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Larry Sheldon (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Mark Seiden (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Randy Bush (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Michael Thomas (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Nathan Angelacos (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Michael Thomas (Apr 14)
- RE: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Matthew Black (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Simon Perreault (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] TGLASSEY (Apr 14)
- Message not available
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Larry Sheldon (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Seth David Schoen (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] John Levine (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Doug Barton (Apr 14)
- Re: [[Infowarrior] - NSA blah blah blah blah.... bmanning (Apr 14)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Matthew Petach (Apr 14)
- RE: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Matthew Black (Apr 15)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Glen Wiley (Apr 15)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Scott Howard (Apr 15)
- RE: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Barry Shein (Apr 15)
- Re: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years] Jason Iannone (Apr 16)