Mendel Rosenblum and his colleagues, at Stanford University used a software simulation system they created called TainBochs to mirror a typical computer system. The software allowed them to taint or tag data, which was then tracked through the system.
The work revealed a hidden source of password and other information that may have been stored originally in Mozilla, Apache, Perl, and other applications. These applications execute in system memory, but that memory is copied to a swap area on the hard drive by the operating system. Once on the hard drive, there is no set time frame in which the data is overwritten, leaving it intact and in jeopardy for years or longer.
further...
more links:
Understanding Data Lifetime via Whole System Simulation
at google
june3rd, 2004
ganesh
No comments:
Post a Comment