Endpoint credentials

Topics: Mobile Client Software Factory
Aug 7, 2006 at 9:40 PM
originally posted by: eekvang


When storing credentials in the endpoint catalog block, we have noticed that this information is not encrypted while in memory.

Does this mean that you consider it to be safe to not encrypt this information when using the endpoint catalog block?
Is it possible for an intruder to dump the memory and gain access to the credentials?

Thanks again..
Aug 7, 2006 at 9:50 PM
originally posted by: dcazzulino

There is no SecureString in the CF, for a start...
Then, try reading this entry from a very knowledgeable Security MVP: http://www.harper.no/valery/PermaLink,guid,a5028c22-5a46-48e2-ba78-f3a954d0e8be.aspx
And then see if you still consider in-memory encryption to be a top priority ;)