How does AMD virus protection work?
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Status:
Offline
Mac Elite
Join Date: Apr 2002
Location: Illinois
Status:
Offline
Well, I'm assuming 2 things.
a) WMV is evil and thou shalt not link to it.
b) They're talking about the execute bit, which would mean that code that is executable HAS to be set that way by the compiler. It prevents buffer overflow attacks that cause some of the worst damage (they can allow someone to escalate privileges and execute arbitrary code just by running the exploit.)
Moderator 
Join Date: May 2001
Location: Hilbert space
Status:
Offline
This is an old story for workstation-class CPUs. OpenBSD has a kind of software implementation of this: they put executable code into one half of the memory, data in the other, and allow execution only of things which are located in the executable half.
I don't suffer from insanity, I enjoy every minute of it.
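
The posts above describe the no-execute idea: memory that holds data should not also be runnable as code. As an added example (not code from any poster or from OpenBSD), this C sketch applies that rule as an audit over memory mappings in Linux's /proc/<pid>/maps format, which goes beyond the OpenBSD case mentioned; the sample lines are constructed and the names `audit_mapping`, `count_findings`, `F_WX` and `F_EXEC_DATA` are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define F_WX        1  /* writable and executable at the same time */
#define F_EXEC_DATA 2  /* [stack] or [heap] mapped executable */

/* Constructed sample in /proc/<pid>/maps format (not taken from the thread). */
static const char *const SAMPLE_MAPS[] = {
    "00400000-00452000 r-xp 00000000 08:01 1311 /usr/bin/demo",
    "00651000-00652000 rw-p 00051000 08:01 1311 /usr/bin/demo",
    "01c3a000-01c5b000 rw-p 00000000 00:00 0 [heap]",
    "7f2c10000000-7f2c10021000 rwxp 00000000 00:00 0",
    "7ffd4a1e0000-7ffd4a201000 rwxp 00000000 00:00 0 [stack]",
};

/* Returns a bitmask of F_* findings for one maps line, or -1 if malformed. */
int audit_mapping(const char *line)
{
    unsigned long long start, end;
    char perms[5];
    int flags = 0;

    if (sscanf(line, "%llx-%llx %4s", &start, &end, perms) != 3 ||
        strlen(perms) != 4 || end <= start)
        return -1;
    if (perms[2] != 'x')
        return 0;               /* not executable: data placed here cannot run */
    if (perms[1] == 'w')
        flags |= F_WX;          /* code could be written here and then executed */
    if (strstr(line, "[stack]") || strstr(line, "[heap]"))
        flags |= F_EXEC_DATA;   /* classic target of overflow-injected code */
    return flags;
}

/* Number of lines with at least one finding. */
int count_findings(const char *const *lines, size_t n)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++)
        if (audit_mapping(lines[i]) > 0)
            hits++;
    return hits;
}

int main(void)
{
    size_t n = sizeof SAMPLE_MAPS / sizeof SAMPLE_MAPS[0];
    for (size_t i = 0; i < n; i++)
        printf("%d  %s\n", audit_mapping(SAMPLE_MAPS[i]), SAMPLE_MAPS[i]);
    return count_findings(SAMPLE_MAPS, n) ? 1 : 0;
}
```

A result of 0 for a line means the mapping is either non-executable or executable but read-only, which is the state an execute-disable policy aims for.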
Administrator 
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
As mentioned in the news clip, a lot of exploits against Windows take advantage of unchecked buffers and capitalize on an application filling a buffer beyond its size, thus saving code in a different part of memory that supposedly will allow that code to be executed. XP service pack 2 and AMD's Athlon 64 both appear to check the size of a destination buffer and disable anything that tries to store data past the end of the buffer - SP2 through simply stopping the fill and I believe the Athlon does it by preventing the fill entirely.
As Oreo says, this isn't really new, but it is good that it's being done at both the OS and hardware levels.
Glenn -----
OTR/L, MOT, Tx
Mac Elite
Join Date: Sep 2001
Location: Chile
Status:
Offline
:: frankenstein / lcd-less TiBook / 1GHz / radeon 9000 64MB / 1GB RAM / w/ext. 250GB fw drive / noname usb bluetooth dongle / d-link usb 2.0 pcmcia card / X.5.8
:: unibody macbook pro / 2.4 Ghz C2D / 6GB RAM / dell 2407wfp - X.6.3
Administrator 
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
Linux and other *nix OSs (including Mac OS X) do a much better job of avoiding buffer overflow problems than Windows. This is probably because they are not built from "legacy code" that is adapted to tasks it was never written for, as much of Windows is.
Glenn -----
OTR/L, MOT, Tx
Mac Elite
Join Date: Apr 2002
Location: Illinois
Status:
Offline
Originally Posted by ghporter
Linux and other *nix OSs (including Mac OS X) do a much better job of avoiding buffer overflow problems than Windows. This is probably because they are not built from "legacy code" that is adapted to tasks it was never written for, as much of Windows is.
Are you saying *NIX is not legacy and NT is?
Now don't get me wrong, I'm a huge Apple fanatic, but this blatant misinformation needs to stop. OS X is more secure for a number of reasons (doesn't come with 30 billion services on by default, requires Admin password to install stuff into the OS, etc.) but pretty much the only reason we get security patches is because of buffer overflow errors being found in the open source side of things.
Moderator 
Join Date: May 2001
Location: Hilbert space
Status:
Offline
Originally Posted by King Bob On The Cob
Are you saying *NIX is not legacy and NT is?
Now don't get me wrong, I'm a huge Apple fanatic, but this blatant misinformation needs to stop. OS X is more secure for a number of reasons (doesn't come with 30 billion services on by default, requires Admin password to install stuff into the OS, etc.) but pretty much the only reason we get security patches is because of buffer overflow errors being found in the open source side of things.
No, it goes even further. I wouldn't even say it is due to legacy compatibility with NT. Just an example. Windows NT up to 3.5 had its window manager running on top of the kernel which cost performance, obviously. NT 4.0+ did integrate that into the kernel, improving performance. On the other hand, if you can compromise the window manager, you are already in kernel space which gives a perpetrator many more options to choose from.
I don't suffer from insanity, I enjoy every minute of it.
Administrator 
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
The "legacy code" I'm talking about can come all the way from DOS 3. Microsoft reuses code chunks very freely - and pieces of code that were never intended to go on a computer that could communicate with other computers often have gaping holes that can cause serious problems. For purposes of this discussion, I'd almost call NT "current code." Unfortunately I can't since not all of NT (any flavor) is new code.
In contrast, Unix and its variants are all written intentionally to allow computers to communicate with each other, and such things as "unchecked buffers" are pretty much unheard of. Plus all of the variations on Linux are scoped out by a very large number of fanatics who live to "make their contribution" to the OS. Here "fanatic" is not intended to be derogatory; the folks that review Linux kernel code are simply exceptionally passionate about it.
Glenn -----
OTR/L, MOT, Tx