Reputation: 575
How to securely erase sensitive information from memory
Security penetration tools are able to get sensitive information from Memory dump. As far as I know setting null to any variable should be fine I guess ... But I am unable to call dispose any C# varialbes.
Basically I am planing to store everything in keychain and whenever I get the value and after using I willl be setting null to clear off...but why dispose couldn't be called ... I don't know
If there are any better way to handle sensitive data variables in xamarin kindly let me know.
Upvotes: 0
Views: 872
Answers (1)
Reputation: 11480
The Dispose() is meant to be called on those objects that implement a destructor or finalizer. To hide sensitive data that is lingering, I'm assuming you mean string values. You could implement SecureString. This will convert the area of memory where your string is stored into cipher text.
Proper usage is all over Stack Overflow for the SecureString. But not sure if it is supported via Xamarin. At least while it is cipher text, it will not be exposed via a memory dump. I warn you, it is a weird api to implement.
Upvotes: 2
Related Questions
- Xamarin iOS memory leaks everywhere
- How to "zero out" and ensure deletion of a string from memory
- C# Securely delete variable from memory
- Data Protection in .Net
- Xamarin memory reclaim issues
- What is the correct way to clear sensitive data from memory in iOS?
- Xamarin iOS Memory Profiling
- How to clear a memory early in c#
- Ensure removal of sensitive data from memory
- C# How to completely remove object from memory