(ansi) strings are used to store sensitive data like keys /random data. These are typically reset by assigning ''; but this doesn't clear the memory, so it could be sniffed or read from a memory dump.
You can't easily overwrite all copies of a string because of Delphi's reference counting, so random data should use a dedicated byte array type.
From the FreeOTFE 6.0 code, it looks like Sarah Dean was starting to make this change.
(ansi) strings are used to store sensitive data like keys /random data. These are typically reset by assigning ''; but this doesn't clear the memory, so it could be sniffed or read from a memory dump. You can't easily overwrite all copies of a string because of Delphi's reference counting, so random data should use a dedicated byte array type. From the FreeOTFE 6.0 code, it looks like Sarah Dean was starting to make this change.