148
Molly - a better signal
(molly.im)
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
Okay, I got curious and looked into it... These are the relevant files for the "RAM shredding"
I'm not an Android dev, but at first glance it looks like all this does is try to allocate all of the free memory in the system, and walks through the pages and uses
rand()
to fill in all of the bytes. Technically it's possible for the pages returned bymalloc
to contain old data, but only if it was allocated by your process in the first place (maybe that's not the case on Android?)... So I guess the idea is that if Molly itself is compromised and an attacker is able to allocate memory in the Molly process they could conceivably get an old page from memory and that page might contain secrets from the Molly app itself... But at that point, surely you're fucked anyway, and the attacker can presumably read all of the currently allocated memory which is certainly far more of a security concern anyway? I just don't think it's worth the cycles.