Secure Coding mailing list archives

Could I use Java or c#? [was: Re: re-writingcollege books]

From: mouse at Rodents.Montreal.QC.CA (der Mouse)
Date: Wed, 15 Nov 2006 11:32:00 -0500 (EST)

Simple example: There's no way in pure Java that I can lock a
process in memory.  Wrt this list, that has a lot of security
ramifications especially on shared processors.  Sure makes hiding
secrets a lot harder.

Please explain that issue.


It makes it impossible to keep things like crypto keys out of swap
space.  (Looking through swap space is a relatively well-known forensic
technique for finding things like crypto keys or passwords.)

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse at rodents.montreal.qc.ca
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Current thread:

Could I use Java or c#? [was: Re: re-writing college books], (continued)
- - - Could I use Java or c#? [was: Re: re-writing college books] Leichter, Jerry (Nov 13)
    - Could I use Java or c#? [was: Re: re-writing college books] mikeiscool (Nov 13)
    - Could I use Java or c#? [was: Re: re-writing college books] Crispin Cowan (Nov 13)
    - Could I use Java or c#? [was: Re: re-writing college books] mikeiscool (Nov 13)
    - [SC-L] Could I use Java or c#? [was: Re: re-writing college books] Robin Sheat (Nov 13)
    - Could I use Java or c#? [was: Re: re-writing college books] Crispin Cowan (Nov 14)
    - Could I use Java or c#? [was: Re: re-writingcollege books] Wall, Kevin (Nov 14)
    - Could I use Java or c#? [was: Re: re-writingcollege books] ljknews (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollege books] Pete Shanahan (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollege books] ljknews (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollege books] der Mouse (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollegebooks] Wall, Kevin (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollegebooks] ljknews (Nov 15)
    - Could I use Java or c#? [was: Re: re-writing college books] mikeiscool (Nov 09)
    - Could I use Java or c#? [was: Re: re-writingcollege books] David Crocker (Nov 11)
    - Could I use Java or c#? [was: Re: re-writing college books] psteichen (Nov 06)
    - Could I use Java or c#? [was: Re: re-writing college books] der Mouse (Nov 06)
    - Could I use Java or c#? [was: Re: re-writing college books] ljknews (Nov 06)
    - Could I use Java or c#? [was: Re: re-writing college books] SZALAY Attila (Nov 08)