Jeff Martin on Nostr: Dear #cryptography friends. How actually useful is zeroization as a modern computing ...
Dear #cryptography friends. How actually useful is zeroization as a modern computing security practice?
In my reading so far, it seems the only threat models that seem to care about zeroization are ones that include physical seizure of hardware. eg, a government losing control of military hardware on a battlefield.
But for us non-state-affiliated normies, it seems like the protections of modern OS memory management (eg, page scrubbing across security boundaries) should make zeroization pretty unnecessary, right?
In my reading so far, it seems the only threat models that seem to care about zeroization are ones that include physical seizure of hardware. eg, a government losing control of military hardware on a battlefield.
But for us non-state-affiliated normies, it seems like the protections of modern OS memory management (eg, page scrubbing across security boundaries) should make zeroization pretty unnecessary, right?