How can I be sure memory is being overwritten - Javascript

Question

When loading sensitive information into memory I want to make sure it is securely erased afterwards. I am working on a Javascript web app, and I want to make sure that my variab

Answer 1

JavaScript don't even support pointers or any way to control whatever it does with memory. You simply cannot make sure that a overwriting in fact happened. The best you can do is unset the variables and pray to the garbage collector god that it will reuse the space they were holding with new stuff.

Also, its kind of pointless to try to protect this information in memory anyway, since:

1. Your main preoccupation should be the fact that it will be transmitted over the network;
2. It will be only possible to read it from memory if the client computer is compromissed;
3. It is way easier to simply debug or adulterate the JavaScript code to make it hand you the information.

If you are relying in this JavaScript "security" to protect information you don't want the user to have access to, stop right now, because you can't. Even if you obfuscate the code it won't take 10 minutes to an experienced programmer to undo it, it doesn't even qualify as Security through obscurity, it's just no security at all.