February 24, 2011 at 03:30:05
Is pagefile.sys the only file for the virtual memory of a computer?

It is said that, for security reasons, this file should be cleared at shutdown in order not to be accessed by other users.

But, in my case, the administrator does not allow me to do so.

I guess that the existing data inside this file should continuously be "overwritten" by fresh new data every time you are running applications on the computer. Is that right?

So if, under my local setting, I processed some sensitive information (e.g. password, secret document) on my computer 20 days ago and then kept on using the computer for the next 19 days, has my sensitive information in pagefile.sys already been overwritten by other fresh new data?

By the way, can a thief extract the whole file (about 50MB) from pagefile.sys?

Thank you for your sharing.

February 24, 2011 at 04:27:12
I will not say anything about virtual memory except that it is far more complex than you imagine.
In the large majority of situations clearing the pagefile on shutdown is a waste of time. The pagefile cannot be accessed by any application while Windows is running. To access the pagefile a hacker would need to boot into an alternate operating system, such as a Linux live CD. At this point the system is already at his mercy, even without accessing the pagefile. Even if he obtained access to the pagefile he would face a formidable task. Large files are almost certainly going to be incomplete and scattered throughout the pagefile and mixed with other data.

In a high-security environment, clearing the pagefile may be a good idea. But it really only makes sense when done as part of a comprehensive security policy. Most systems have security issues that are far more serious than an uncleared pagefile.

In any event you can't do anything about it anyway.

