Override RAM after exit or logout #196
Comments
Any idea?
You could do it in an unsafe way (which might end up pretty bad since C# is a managed language and you would delete the value without its knowing). You could delete the pointers to the value and call the GC to delete it (if it does not have anything that has a pointer to it, it would be deleted). You could override all values of the password items with random values and just set the items to null. I don't know any safe way to overwrite the values bitwise tbh.

https://stackoverflow.com/questions/17509891/c-sharp-how-to-completely-remove-object-from-memory
As far as I know, the GC just releases the objects. They aren't removed directly.
What do you mean exactly by "releases"? "Reclaims objects that are no longer being used, clears their memory, and keeps the memory available for future allocations. Managed objects automatically get clean content to start with, so their constructors don't have to initialize every data field." Additional thing:
We should probably avoid having the passwords in memory in cleartext. For example, we should convert the passwords after decryption to a SecureString instead of storing them as strings. (To show the passwords we could create images instead of showing the plain password.) More about that:
I think it does not matter how the passwords are in RAM when the user is logged in, but on logout we should remove them.
It's always better if you try to avoid that someone else can get access to the data. For example, we try to hide our master password as much as possible (which makes sense to avoid someone getting it, so he can't get access to EasePass or decrypt the database). We try to hide something which is used to get things that could be gotten by some other process easily. So if we say it doesn't matter while we are logged in, we can store the master password in cleartext too.
If you just care about deleting the passwords from memory, you can do it this way; by that you will change the characters of the string. The `fixed` statement will take care that the GC does not move the string around.
But would it not be much simpler to just use SecureString for everything that is a password? We would not have to clear it from memory directly. In my opinion a much safer and better way?
Yeah, that's much better than the current implementation. To make it overall more secure we need to zero out the string of a password as fast as possible (when we do not have to show it anymore) and remove the reference to the string (try to let it be removed from memory by the GC). We should also change the way the passwords are saved. At the moment we save them as strings, which can be really bad in terms of security (for example, to remove them from memory or overwrite the values in a safe situation in C#). This approach will be way more secure than the current one. But we should still try to remove every password from memory if the user is not logged in. If we do not need it, we should always remove the passwords from memory even if they should be securely saved (by that I mean clear it and dispose it after). We should also take care of the clipboard history. (Not sure if that's already done or not.)
We should overwrite the RAM where the passwords were stored after the user was automatically logged out or when the program was closed. At the moment, the RAM is only released so that it is overwritten bit by bit. This should happen immediately.
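
The overwrite-on-logout behaviour requested in this issue, sketched as an added example that is not part of the thread or of EasePass's code: the decrypted password lives in a pinned `byte[]` instead of a `string`, so it can be zeroed deterministically without `unsafe` code. `PinnedSecret` and `Demo` are hypothetical names, the sample value is constructed, and the code assumes .NET Core 2.1 or later for `CryptographicOperations.ZeroMemory`.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper (not an EasePass type): holds one decrypted password
// in a pinned byte[] so the GC cannot relocate it and leave stale copies.
public sealed class PinnedSecret : IDisposable
{
    private readonly byte[] _buffer;
    private GCHandle _pin;
    private bool _disposed;

    public PinnedSecret(int length)
    {
        _buffer = new byte[length];                       // still all zeros here
        _pin = GCHandle.Alloc(_buffer, GCHandleType.Pinned);
    }

    // Callers decrypt directly into this span; no string is ever created.
    public Span<byte> Bytes =>
        _disposed ? throw new ObjectDisposedException(nameof(PinnedSecret)) : _buffer;

    public void Dispose()
    {
        if (_disposed) return;
        // ZeroMemory is specified not to be optimized away by the compiler.
        CryptographicOperations.ZeroMemory(_buffer);
        _pin.Free();
        _disposed = true;
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample value standing in for a decrypted entry.
        byte[] sample = Encoding.UTF8.GetBytes("correct horse");
        var secret = new PinnedSecret(sample.Length);
        sample.CopyTo(secret.Bytes);
        CryptographicOperations.ZeroMemory(sample);       // wipe the temporary too

        Console.WriteLine(secret.Bytes.Length);           // in use while logged in
        secret.Dispose();                                 // logout or application exit
    }
}
```

Any `string` produced from the buffer (for display or the clipboard) is a separate copy that this class cannot wipe.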