Secure Coding mailing list archives

Could I use Java or c#? [was: Re: re-writingcollegebooks]

From: ljknews at mac.com (ljknews)
Date: Wed, 15 Nov 2006 12:33:50 -0500

At 10:55 AM -0600 11/15/06, Wall, Kevin wrote:

Larry Kilgallen wrote:

At 8:18 PM -0600 11/14/06, Wall, Kevin wrote:

That makes a Java inappropriate for a lot of
system-level programming tasks. Simple example: There's no
way in pure Java that I can lock a process in memory. Wrt this 
list, that has a lot of security ramifications especially on
shared processors. Sure makes hiding secrets a lot harder.


Please explain that issue.

Is there some multiuser operating system that does not clear 
memory before retasking it for another  process ?

I wasn't referring to the OS not clearing memory between use by
different processes. Instead consider a case where there's a secret
such as an encryption key, password, etc. in a chunk of memory that
has been paged out to a swap device (*nix) or pagefile.sys (Windows).
The process them terminates abnormally because of a signal, abrupt
power outage, etc. From a security POV, this is a bad thing since
now your secret is somewhere on the hard drive.


But a cryptographic secret should not be in user-readable memory in the
first place, due to the risk of a trojan horse.  That belongs in OS memory
dedicated to the user but protected from them (i.e., inner mode) and at
that point the operating system can mark such memory as not being subject
to dumping.

The user might enter a password to _unlock_ that secret key, and some
trojan horse (or wiretap) might intercept that password and use it in
a malicious fashion, but the trojan horse cannot export the secret key
to another machine.  (By secret key, I mean the secret half of a public
key pair.)

Overall, I find these types limitations with Java or C# more frustrating
than I do with the performance issues.


A native compiler should have no problem calling any system service.
It would seem your objection is really to the bytecode engine version
of Java rather than to the language itself.
-- 
Larry Kilgallen

Current thread:

Could I use Java or c#? [was: Re: re-writing college books], (continued)
- - - Could I use Java or c#? [was: Re: re-writing college books] Crispin Cowan (Nov 13)
    - Could I use Java or c#? [was: Re: re-writing college books] mikeiscool (Nov 13)
    - [SC-L] Could I use Java or c#? [was: Re: re-writing college books] Robin Sheat (Nov 13)
    - Could I use Java or c#? [was: Re: re-writing college books] Crispin Cowan (Nov 14)
    - Could I use Java or c#? [was: Re: re-writingcollege books] Wall, Kevin (Nov 14)
    - Could I use Java or c#? [was: Re: re-writingcollege books] ljknews (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollege books] Pete Shanahan (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollege books] ljknews (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollege books] der Mouse (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollegebooks] Wall, Kevin (Nov 15)
    - Could I use Java or c#? [was: Re: re-writingcollegebooks] ljknews (Nov 15)
    - Could I use Java or c#? [was: Re: re-writing college books] mikeiscool (Nov 09)
    - Could I use Java or c#? [was: Re: re-writingcollege books] David Crocker (Nov 11)
    - Could I use Java or c#? [was: Re: re-writing college books] psteichen (Nov 06)
    - Could I use Java or c#? [was: Re: re-writing college books] der Mouse (Nov 06)
    - Could I use Java or c#? [was: Re: re-writing college books] ljknews (Nov 06)
    - Could I use Java or c#? [was: Re: re-writing college books] SZALAY Attila (Nov 08)