Eternal Sunshine of the Spotless Machine
نویسندگان
چکیده
Modern systems keep long memories. As we show in this paper, an adversary who gains access to a Linux system, even one that implements secure deallocation, can recover the contents of applications’ windows, audio buffers, and data remaining in device drivers—long after the applications have terminated. We design and implement Lacuna, a system that allows users to run programs in “private sessions.” After the session is over, all memories of its execution are erased. The key abstraction in Lacuna is an ephemeral channel, which allows the protected program to talk to peripheral devices while making it possible to delete the memories of this communication from the host. Lacuna can run unmodified applications that use graphics, sound, USB input devices, and the network, with only 20 percentage points of additional CPU utilization.
منابع مشابه
Eternal Sunshine of the Spotless Machine: Protecting Privacy with Ephemeral Channels
Modern systems keep long memories. As we show in this paper, an adversary who gains access to a Linux system, even one that implements secure deallocation, can recover the contents of applications' windows, audio buffers, and data remaining in device drivers-long after the applications have terminated. We design and implement Lacuna, a system that allows users to run programs in "private sessio...
متن کاملThe eternal sunshine of the sketch data structure
In the past years there has been significant research on developing compact data structures for summarizing large data streams. A family of such data structures is the so-called sketches. Sketches bear similarities to the well-known Bloom filters [2] and employ hashing techniques to approximate the count associated with an arbitrary key in a data stream using fixed memory resources. One limitat...
متن کاملEternal m-security subdivision numbers in graphs
An eternal $m$-secure set of a graph $G = (V,E)$ is aset $S_0subseteq V$ that can defend against any sequence ofsingle-vertex attacks by means of multiple-guard shifts along theedges of $G$. A suitable placement of the guards is called aneternal $m$-secure set. The eternal $m$-security number$sigma_m(G)$ is the minimum cardinality among all eternal$m$-secure sets in $G$. An edge $uvin E(G)$ is ...
متن کاملEternal m- Security Subdivision Numbers in Graphs
Let be a simple graph with vertex set and edges set . A set is a dominating set if every vertex in is adjacent to at least one vertex in . An eternal 1-secure set of a graph G is defined as a dominating set such that for any positive integer k and any sequence of vertices, there exists a sequence of guards with and either or and is a dominating set. If we take a guard on every ver...
متن کاملThe Spotless System: Implementing a JavaTM System for the Palm Connected Organizer
The majority of recent Java implementations have been focused on speed. There are, however, a large number of consumer and industrial devices and embedded systems that would benefit from a small Java implementation supporting the full bytecode set and dynamic class loading. In this report we describe the design and implementation of the Spotless system, which is based on a new Java virtual mach...
متن کامل