Doesn’t Windows already have a data store that’s encrypted with a key that doesn’t exist in RAM unless you’re logged on? And some kind of isolation of sensitive processes in a VM?
Malware can probably read most of the user’s data in RAM, but if OS components keep getting more isolated from each other, maybe that can be secure enough.
The Data Protection API makes this quite easy from a programming standpoint (it also makes relocating keys to another machine hard, but in this case this should count as another upside): https://en.wikipedia.org/wiki/Data_Protection_API
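A round trip through the Data Protection API mentioned above, as an added example that is not part of the original thread. It assumes Windows PowerShell 5.1; the secret, the entropy string and the file name are constructed sample values.

```powershell
# Added example (not from the thread): protect a secret with DPAPI so that it
# can only be recovered by the same Windows user on the same machine.
Add-Type -AssemblyName System.Security

$scope   = [System.Security.Cryptography.DataProtectionScope]::CurrentUser
$secret  = [System.Text.Encoding]::UTF8.GetBytes('constructed-sample-secret')
# Optional second input: other code running as this user must also know it.
$entropy = [System.Text.Encoding]::UTF8.GetBytes('constructed-app-entropy')
$path    = Join-Path $env:TEMP 'dpapi-demo.bin'   # constructed file name

# Protect: the key material is derived by Windows from the user's logon
# credentials, so the application stores no key of its own.
$blob = [System.Security.Cryptography.ProtectedData]::Protect($secret, $entropy, $scope)
[System.IO.File]::WriteAllBytes($path, $blob)

# Unprotect later as the same user. The same file copied to another account
# or another machine fails here, which is the "hard to relocate" property.
$stored = [System.IO.File]::ReadAllBytes($path)
$plain  = [System.Security.Cryptography.ProtectedData]::Unprotect($stored, $entropy, $scope)
[System.Text.Encoding]::UTF8.GetString($plain)

# Failure mode: a modified blob is rejected rather than decrypted to garbage.
[byte[]]$tampered = $stored.Clone()
$last = $tampered.Length - 1
$tampered[$last] = $tampered[$last] -bxor 0xFF
try {
    [System.Security.Cryptography.ProtectedData]::Unprotect($tampered, $entropy, $scope) | Out-Null
    'unexpected: tampered blob was accepted'
} catch {
    'tampered blob rejected: ' + $_.Exception.GetBaseException().GetType().Name
}

# Failure mode: the right blob with the wrong entropy is rejected as well.
$wrong = [System.Text.Encoding]::UTF8.GetBytes('some-other-entropy')
try {
    [System.Security.Cryptography.ProtectedData]::Unprotect($stored, $wrong, $scope) | Out-Null
    'unexpected: wrong entropy was accepted'
} catch {
    'wrong entropy rejected: ' + $_.Exception.GetBaseException().GetType().Name
}

Remove-Item $path
```

The `CurrentUser` scope does not separate processes running as the same logged-on user, which is the limit the first comment raises about malware on a live session.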