I’m not an Android dev, but at first glance it looks like all this does is try to allocate all of the free memory in the system, and walks through the pages and uses rand() to fill in all of the bytes. Technically it’s possible for the pages returned by malloc to contain old data, but only if it was allocated by your process in the first place (maybe that’s not the case on Android?)… So I guess the idea is that if Molly itself is compromised and an attacker is able to allocate memory in the Molly process they could conceivably get an old page from memory and that page might contain secrets from the Molly app itself… But at that point, surely you’re fucked anyway, and the attacker can presumably read all of the currently allocated memory which is certainly far more of a security concern anyway? I just don’t think it’s worth the cycles.
Okay, I got curious and looked into it… These are the relevant files for the “RAM shredding”
I’m not an Android dev, but at first glance it looks like all this does is try to allocate all of the free memory in the system, and walks through the pages and uses
rand()to fill in all of the bytes. Technically it’s possible for the pages returned bymallocto contain old data, but only if it was allocated by your process in the first place (maybe that’s not the case on Android?)… So I guess the idea is that if Molly itself is compromised and an attacker is able to allocate memory in the Molly process they could conceivably get an old page from memory and that page might contain secrets from the Molly app itself… But at that point, surely you’re fucked anyway, and the attacker can presumably read all of the currently allocated memory which is certainly far more of a security concern anyway? I just don’t think it’s worth the cycles.