• blackstrat@lemmy.fwgx.uk
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    The unencrypted data should only be in memory when needed (copied to clipboard, shown on screen etc). After use the objects handling sensitive should overwrite themselves.

    A string falling out of scope in C++, or an object being left to the garbage collector is still readable and not overwritten by default. It’s a very easy problem to solve in C++, either through custom allocators or destructors. But it makes a bigger difference when objects having short lifetimes