How safe are things stored in memory?

Let's say I have a program that reads a file into memory and uses something (e.g. rijndael/AES) to decrypt it. How protected is the new unencrypted stream/string/whatever that my program is holding in memory? I realize that it would take a bit of memory trickery to even attempt it, but I'm just curious. I don't know a lot about how programming/stack/memory works in relation to .NET/VS2010 so I apologize. 开发者_如何学JAVAOn that note, how safe are hard-coded strings (e.g. the connection string to a SQL server that would contain a user/pw made for the software)?

Not safe at all, even with Memory Protection it's trivial to just take a memory dump or use something like Crack.net to peek into memory.

You can use System.Security.SecureString which is a bit painful to work with but "Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed."

Hard-coded strings are not safe at all. It is a trivial matter to extract all the strings from an .exe file.

In-memory is quite a bit safer. Modern Operating Systems have a lot of memory protection, to prevent one process from reading/modifying the memory of another. This would prevent spyware from reading a password from the memory segment of another process.

As long as your process only holds the unencrypted value in memory (never writes it to a file, transmits it, stores it in a database, etc), it is probably safe enough.

For super-secret data, you have to care about warm-reboots. This is when your program holds the unencrypted data in memory, then the user reboots the machine, and proceeds to read all of main memory. In such a scenario, it is possible for the memory to still contain the unencrypted information. However, this is kinda extreme, and (for most applications) not worth worrying about.

To sum up:

• unencrypted data in memory = ok
• unencrypted data hard-coded in .exe file = bad

If you want to keep strings loaded into memory safe, use the SecureString class http://msdn.microsoft.com/en-us/library/system.security.securestring.aspx. See also: http://www.vcskicks.com/secure-string.php

Without using a specialized API, you should assume that any text in memory is readable by anyone that can read your hard disk, and anyone that can read you process memory (e.g. root or equivalent, another process from the same user, or an exploit within your process).

Your memory may be paged to disk. Certain environments have specialized ways of allocating memory that prevents paging (I don't know if such a facility is available from the C# standard libraries, but I assume one is available for use on Windows).