John C Nash wrote: > 1) ccrypt offers a cross-platform solution that is usable by a much wider variety of folk than GnuPG I see no difference: $ ccrypt foo or $ gpg --symmetric foo $ ccrypt --decrypt foo or $ gpg foo For this purpose there is no need for gpg public keys etc. > 2) The memory clearing issue is sufficiently important that I would like > to see it addressed, even if it is difficult. In the script I proposed, > my solution -- proposed in order to get reaction, by the way -- was as > follows: > - create a tmpfs in RAM on a machine with no swap (apologies: I > forgot to mention that I run my machines with large RAM and no swap > partition). > - run encfs on this so material in the decrypted area is somewhat > protected. (The ccat or ccrypt -c options are better for just viewing, > but maybe there are other applications for the tmp disk idea.) > - close the encfs > - scrub the "disk" which is RAM > - release the RAM by unmounting the tmpfs "disk" But as soon as the file is displayed to the user the decrypted data is in ram. The above doesn't change that. Because it is such a hard problem I am not sure that clearing ram is worth persuing. If an attacker is in a a position to dump the ram then they could also install a keyboard logger, install trojan versions of ccrypt or libc, or a trojan kernel. If you were writing your own program you could over write the ram used to store the clear text. There may also be a system call to lock the memory page used from moving to swap. But the clear text will still end up in the video ram.