It's called DEP or NX in Windows. At a system level it's turned on since XP SP2, and you can set it to apply to Windows code itself, but apps have to opt in (when this all came out, too many programs crashed ungracefully when forced into it). Programs can opt in with a simple linker switch I think. Many apps do, but many don't. IE8 will opt in by default. Acrobat 9 does.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.pcmag.com/securitywatch/
Contributing Editor, PC Magazine
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard M. Smith
Sent: Wednesday, July 16, 2008 9:34 PM
To: funsec@linuxbox.org
Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting

I did a talk a couple of years ago at Boston University along these lines. I pointed out that many (but of course not all) security flaws in software are due to data morphing into code. Examples: buffer overflow, SQL injection, and XSS errors.

I'm not sure how Harvard Architecture, whatever it might be, would protect against SQL injection and XSS errors.

Buffer overflows can be dealt with by marking data pages as non-execute in the page table. Why this relatively simple fix can't be implemented across the board in Windows is a head scratcher to me.

Richard

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah
Sent: Wednesday, July 16, 2008 9:59 PM
To: funsec@linuxbox.org
Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting

Date sent: Wed, 16 Jul 2008 19:46:24 -0400
From: Rich Kulawiec <[EMAIL PROTECTED]>

> Wrong answer. The correct answer is to recognize that any operating
> system which requires anti-virus software is fundamentally, deeply
> broken and to either (a) fix it (b) get it fixed or (c) dump it.

Even better, let's dump von Neumann architecture, go back to Harvard architecture, and avoid viruses altogether ...

Sorry, but I remember the late 80s when everybody was saying that once we got some security (mainframe-type, of course) into desktop operating systems viruses would be a thing of the past. They aren't, obviously. As long as data can be executed, and programs can be treated as data, viruses will be inherently possible.

(And that's just viruses. The techie version of getting rid of a [favourite dumb-person epithet] by giving them a card with "Turn over" written on both sides is to tell someone to come up with a technical solution to trojans ...)

====================== (quote inserted randomly by Pegasus Mailer)
[EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Before speaking, consider the interpretation of your words as well as their intent. - Andrew Alden
victoria.tc.ca/techrev/rms.htm en.wikipedia.org/wiki/Robert_Slade
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
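
The per-application opt-in discussed in this thread can be checked from the defender's side. The following is an added example, not part of the original messages: the MSVC linker's /NXCOMPAT switch sets the IMAGE_DLLCHARACTERISTICS_NX_COMPAT bit (0x0100) in a PE file's optional header, so reading that field shows which binaries have opted in. The sample images and file names are constructed for the demo.

```python
import struct

IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100  # set by the MSVC linker's /NXCOMPAT
PE32, PE32_PLUS = 0x10B, 0x20B               # optional-header magic values

def nx_compat(image: bytes) -> bool:
    """Return True if the PE image opted in to DEP via the NX_COMPAT flag."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ/PE image")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)   # e_lfanew
    opt = pe_off + 4 + 20            # skip "PE\0\0" and the 20-byte COFF header
    if image[pe_off:pe_off + 4] != b"PE\0\0" or len(image) < opt + 72:
        raise ValueError("truncated or missing PE header")
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (PE32, PE32_PLUS):
        raise ValueError(f"unknown optional-header magic {magic:#x}")
    # DllCharacteristics sits at offset 70 of the optional header in both
    # PE32 and PE32+ (the 64-bit layout drops BaseOfData but widens ImageBase).
    (flags,) = struct.unpack_from("<H", image, opt + 70)
    return bool(flags & IMAGE_DLLCHARACTERISTICS_NX_COMPAT)

def sample_pe(magic: int, dll_characteristics: int) -> bytes:
    """Constructed header-only image for the demo; not a loadable program."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    optional = bytearray(72)
    struct.pack_into("<H", optional, 0, magic)
    struct.pack_into("<H", optional, 70, dll_characteristics)
    return bytes(dos) + b"PE\0\0" + bytes(20) + bytes(optional)

def audit(images: dict) -> list:
    """Names of images that have NOT opted in, sorted."""
    return sorted(name for name, data in images.items() if not nx_compat(data))

if __name__ == "__main__":
    constructed = {  # hypothetical file names, constructed flag values
        "optin32.exe": sample_pe(PE32, 0x8140),
        "legacy32.exe": sample_pe(PE32, 0x0000),
        "optin64.exe": sample_pe(PE32_PLUS, 0x0160),
    }
    print("no NX_COMPAT:", audit(constructed))
```

To audit real files, pass `open(path, "rb").read()` to `nx_compat`; the flag records only the binary's opt-in, and the system-wide DEP policy still decides what is enforced.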