Running without swapfile

[Fire Wizard]

I never get BSOD's/hangs from disabling swap. It's common practise in some security conscious sectors like the one I work in (lessens the chance of unencrypted data being written to disk).

In regards to the security risks of the paging file, whilst it's possible for someone who has physical access to the machine to read the data which had been paged out when the system was running, you can configure the system to clear the paging file upon shutdown. To do so, if you open open Regedit and navigate to the following key:

HKEY_Local_Machine\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management

Change the ClearPageFileAtShutdown data value to 1.

Edit:

Actually, here is a quote from the Windows Internals Fifth Edition Book regarding this:

[QUOTE="Windows Internals Fifth Edition]

Because the page file contains parts of process and kernel virtual memory, for security reasons the system can be configured to clear the page file at system shutdown. To enable this, set the registry value HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\CleaPageFileAtShutdown to 1. Otherwise, after shutdown, the page file will contain whatever data happened to have been paged out while the system was up. This data could then be accessed by someone who gained physical access to the machine.[/QUOTE]

 

[Ratbag]

In regards to the security risks of the paging file, whilst it's possible for someone who has physical access to the machine to read the data which had been paged out when the system was running, you can configure the system to clear the paging file upon shut down. To do so, if you open open Regedit and navigate to the following key:

HKEY_Local_Machine\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management

Change the ClearPageFileAtShutdown data value to 1.

Edit:

Actually, here is a quote from the Windows Internals Fifth Edition Book regarding this:

I'd advise people against getting paranoid and deploying this tweak on home pc's as it adds aeons to shutdown time.

 

[Fire Wizard]

I'd advise people against getting paranoid and deploying this tweak on home pc's as it adds aeons to shutdown time.

Yep, clearing the page file upon shutdown is completely unnecessary for 99.9% of home users and I certainly wasn't advising anyone to do so, my post was just in response to the following part of Stickman's post here and informing him it's actually possible to clear the paging file upon shutdown.

I never get BSOD's/hangs from disabling swap. It's common practise in some security conscious sectors like the one I work in (lessens the chance of unencrypted data being written to disk).

 

[SiriusB]

Security conscious people should have whole disk encryption if they are that paranoid about their page file!

 

[mcompute]

Depending on what you're running, 4gb should suffice.