Protected Memory

  • Thread starter Thread starter dawson.jon
  • Start date Start date
D

dawson.jon

Hello:

In C# is there a way to declare a certain portion of memory protected
or secure, so that when you shut down an application that area of
memory will get overwritten or allow someone to attach a debugger and
read that memory at runtime?

Thanks,
Jonathan Dawson
 
No, there's nothing in C# that would let you do that. Managed languages move
objects around in memory to avoid memory fragmentation. Plus, you can't
directly access memory unless you do it in unsafe code.

I don't think there's a way to do that in Windows. You can intercept page
faults check the processing accessing the memory and choose no fault the
application if it isn't an application in memory; but once a valid
application accesses that memory a debugger would be free to look at it too.
I wouldn't recommend doing anything like that in C# though.
 
dawson.jon said:
In C# is there a way to declare a certain portion of memory protected
or secure, so that when you shut down an application that area of
memory will get overwritten or allow someone to attach a debugger and
read that memory at runtime?
No, there isn't. In fact, there's no way to prevent anyone who's able to
debug an application from reading all memory of that application. This is by
design. Windows has built-in support for cryptographic protection of data,
but this can only protect data from being read (or rather, meaningfully
deciphered) by other users (even privileged ones). If this is your concern
(protecting sensitive data from other users), take a look at the
ProtectedMemory class in System.Security.Cryptography.

If your concern is preventing the user from reading data that is processed
by an application running under that same user's credentials, however,
you're attempting the impossible. All applications running under the same
credentials are equal. You can make it as hard as you like for another
program to read out your memory (check for debuggers, move the data around a
lot, keep the page protected for as long as possible, etc.) but these
schemes are all ultimately doomed to failure. That said, many people try to
postpone the failure for as long as possible; the results are called "copy
protection", and their success varies.
 
postpone the failure for as long as possible; the results are called "copy
protection", and their success varies.

A bit off-topic, very nostalgic.

I remember the good old days and the Commodore-64.
Game designers moved code to $400 and had it executed there.
$400 is typically text-graphics-memory, so when you reseted the computer (to
crack the game, create cheats etc) that memory was overwritten and
(critical) part of game gone.

Cartridges, like the Final Cartridge mkII, had a special reset-button that
copied the text-graphic-memory to own memory, so you could look at the
'secret' code.

- Michael Starberg
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top