From: Bill Stewart <bill.stewart@pobox.com>
To: Jim Choate <cypherpunks@EINSTEIN.ssz.com (Cypherpunks Distributed Remailer)
Message Hash: 346ffc87cf49eb981dd7629ea5c4e8b05323241f54f23bbf921402a21ac960ca
Message ID: <3.0.5.32.19981129221723.008e9950@idiom.com>
Reply To: <199811281744.LAA04641@einstein.ssz.com>
UTC Datetime: 1998-11-30 04:18:26 UTC
Raw Date: Mon, 30 Nov 1998 12:18:26 +0800
From: Bill Stewart <bill.stewart@pobox.com>
Date: Mon, 30 Nov 1998 12:18:26 +0800
To: Jim Choate <cypherpunks@EINSTEIN.ssz.com (Cypherpunks Distributed Remailer)
Subject: Re: Securing data in memory (was "Locking physical memory (fwd)
In-Reply-To: <199811281744.LAA04641@einstein.ssz.com>
Message-ID: <3.0.5.32.19981129221723.008e9950@idiom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 11:44 AM 11/28/98 -0600, Jim Choate wrote:
>My mistake. Since it really does only handle individual apps it's
>of limited utility in the Windows world because of the numerous ways
>to get system level access. [....]
>Considering that this doesn't prohibit apps from getting access to that
>memory, it only prohibits that memory page from being written to disk, it
>has limited utility. It's only real protection is against disk scans.
Sure; it's only trying to do a limited scope of security protection.
Trying to protect an entire Win95/98 system is a much bigger job
(about like trying to keep water in an upside-down sieve :-)
Even running entirely in RAM doesn't prevent applications from
stealing keystroke, or stealing each others' RAM, or
crashing the graphics subsystem, or hosing the network.
Windows NT, under some limited circumstances, has been rated C2 Orange Book,
but that only means you can't steal most things without creating
a log file entry. Don't expect Win95/98 to be something it's not.
>No, it wouldn't. The question of swap or virtual space is one of economics
>and not computer architecture. If it were economicaly feasible there would
>be no drives just fast main ram.
Computer architecture is _always_ a technical and economic tradeoff.
Why not just run everything out of Level 1 Cache or registers?
Disk drive makers keep making faster, cheaper, bigger drives,
DRAM makers keep making DRAM faster, cheaper, and bigger,
blazingly-fast SRAM makers keep making SRAM blazinglyer,
in-between technology makers keep making flash ram and bubble memory
in-betweener, bus makers make busses faster, etc.,
and the whole mess keeps evolving together.
Back in the mid-80s, Princeton University got some SDI money for the
Massive Memory Machine Project, researching what you could do if
you had enough memory for anything you wanted. Even with the
CS approaches of the time, you'd do a lot of things differently.
Their non-massive toy machine was a 1.5MIPS VAX with 128MB RAM -
which took 10 extension racks to hold all the RAM.
These days 128MB is cheap, as are 500 MIPS P2s, but 50GB of RAM
is still bigger than most machines' busses will hold,
and even 2GB of DRAM is a lot bigger and more power-hungry than
most laptops can really support, much less 2GB of fast SRAM.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Return to November 1998
Return to “Jim Choate <ravage@einstein.ssz.com>”