Saturday, July 03, 2004

TaintBochs -- the computer simulation system

Modern operating systems have no built-in mechanisms for limiting the lifetime of sensitive data. As a result, passwords and other sensitive data may be moved into and left in system memory, which may be swapped to an area on a hard drive where they could sit for years, even after the user disposes of, sells, trades, or otherwise dumps the drive.

Mendel Rosenblum and his colleagues at Stanford University used a software simulation system they created, called TaintBochs, to mirror a typical computer system. The software allowed them to taint, or tag, data, which was then tracked through the system.


The work revealed a hidden source of passwords and other information that may have been stored originally in Mozilla, Apache, Perl, and other applications. These applications execute in system memory, but that memory is copied to a swap area on the hard drive by the operating system. Once on the hard drive, there is no set time frame in which the data is overwritten, leaving it intact and in jeopardy for years or longer.
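The tag-and-track idea and the swap finding described above can be seen in a small model. This is an added example, not TaintBochs code or anything from the Stanford paper; the `Machine` class, its method names, the offsets and the sample password are all constructed for illustration.

```python
from itertools import groupby

class Machine:
    """Constructed toy model: RAM and swap, each with one taint flag per byte."""

    def __init__(self, size=64):
        self.ram, self.swap = bytearray(size), bytearray(size)
        self.taint = {"ram": [False] * size, "swap": [False] * size}

    def write(self, addr, data, secret=False):
        # Data entering RAM; secret=True tags it (e.g. a typed password).
        self.ram[addr:addr + len(data)] = data
        self.taint["ram"][addr:addr + len(data)] = [secret] * len(data)

    def copy(self, dst, src, n):
        # memcpy-style move inside RAM: the tag travels with the bytes.
        self.ram[dst:dst + n] = self.ram[src:src + n]
        self.taint["ram"][dst:dst + n] = self.taint["ram"][src:src + n]

    def swap_out(self, addr, slot, n):
        # The OS pages RAM out to disk; nothing later scrubs the swap slot.
        self.swap[slot:slot + n] = self.ram[addr:addr + n]
        self.taint["swap"][slot:slot + n] = self.taint["ram"][addr:addr + n]

    def tainted(self):
        # Report every run of tagged bytes as (store, offset, length).
        found = []
        for store in ("ram", "swap"):
            pos = 0
            for flag, group in groupby(self.taint[store]):
                n = len(list(group))
                if flag:
                    found.append((store, pos, n))
                pos += n
        return found

def demo():
    m = Machine()
    m.write(0, b"hunter2", secret=True)  # constructed sample password
    m.copy(16, 0, 7)                     # application copies it into a work buffer
    m.swap_out(16, 32, 8)                # the page holding that copy is swapped out
    m.write(0, bytes(7))                 # application zeroes only its original buffer
    return m

if __name__ == "__main__":
    for store, offset, length in demo().tainted():
        print(f"{store}: {length} tainted bytes at offset {offset}")
```

Even though the application wiped its original buffer, the model still reports tagged bytes in the work buffer and in swap, which is the kind of leftover copy the tracking is meant to surface.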


more links:
Understanding Data Lifetime via Whole System Simulation


June 3rd, 2004
ganesh
