Robert Lemos, 2006-06-02
Colapse all |
Post comment
Microsoft defends Vista by mixing up memory
2006-06-02
Anonymous (1 replies)
Anonymous (1 replies)
Microsoft defends Vista by mixing up memory
2006-06-03
Anonymous (1 replies)
Anonymous (1 replies)
Disaster waiting to happen if your a home user or admin out there thinking of buying this product do yourself a favor get a good case of extra strength asprin before you install.
...
[ more ] [ reply ]
...
[ more ] [ reply ]
Microsoft defends Vista by mixing up memory
2006-06-03
Anonymous (1 replies)
Anonymous (1 replies)
Delayed until at least January 1007 ?
This will establish a new all-time record for late-to-market software....
[ more ] [ reply ]
This will establish a new all-time record for late-to-market software....
[ more ] [ reply ]
Microsoft defends Vista by mixing up memory
2006-06-03
Anonymous
Anonymous
Although this is a great thing for Windows, such a method to improving security has been available for over 3 yrs in Linux (PaX and ExecShield) and is a standard feature in OpenBSD since ver 3.3
This does indicate Microsoft is more than a bit behind the times when it comes to security....
[ more ] [ reply ]
This does indicate Microsoft is more than a bit behind the times when it comes to security....
[ more ] [ reply ]
Microsoft defends Vista by mixing up memory
2006-06-04
Techokami (1 replies)
Techokami (1 replies)
The year 1007? Either that's one hell of a typo or Microsoft made a hole in the fabric of space/time....
[ more ] [ reply ]
[ more ] [ reply ]
good!
2006-06-04
Anonymous
Anonymous
it's good to see that m$ is using what was avaliable in the opensource world for many years. usually features like stack protection and entry address randomization were not standard because "they would lead to a false sense of security".
i hope kernel developers faced with the "windows has it" ar...
[ more ] [ reply ]
i hope kernel developers faced with the "windows has it" ar...
[ more ] [ reply ]
Microsoft defends Vista by mixing up memory
2006-06-05
Anonymous
Anonymous
What the heck? Whether it be the writers of this article, or a direct quot to microsoft chalk another on up to bad proofreading.
"Originally slated to roll out this summer, the consumer version of Windows Vista has been delayed until at least January 1007 dues to quality and security concerns, the...
[ more ] [ reply ]
"Originally slated to roll out this summer, the consumer version of Windows Vista has been delayed until at least January 1007 dues to quality and security concerns, the...
[ more ] [ reply ]
Already in Linux
2006-06-05
-Pat (2 replies)
-Pat (2 replies)
Re: Already in Linux
2006-06-06
Jeff H (1 replies)
Jeff H (1 replies)
They never said it was a new idea :)
If it's already in some flavours of Linux, then it should have been shown to add something useful, otherwise, given the Linux community, it would have been removed. So adding it to Windows is definitely a good thing....
[ more ] [ reply ]
If it's already in some flavours of Linux, then it should have been shown to add something useful, otherwise, given the Linux community, it would have been removed. So adding it to Windows is definitely a good thing....
[ more ] [ reply ]
Microsoft defends Vista by mixing up memory
2006-06-05
assurbanipal (2 replies)
assurbanipal (2 replies)
...it took YEARS to the "software giant" to come to this!
not being able to effectively reduce the number of their holes, at last they gave up and try to make them more difficult to be exploited.
well, better later than never!
...
[ more ] [ reply ]
not being able to effectively reduce the number of their holes, at last they gave up and try to make them more difficult to be exploited.
well, better later than never!
...
[ more ] [ reply ]
Re: Microsoft defends Vista by mixing up memory
2006-06-06
Jeff H (1 replies)
Jeff H (1 replies)
Actually, this decreases the likelihood of exploits in any application based on such things like the C runtime. Do a little reading around the subject, like how it's been in use in Linux for a while. How come they added it if they are so good at patching holes?
Such blatant MS bashing deserves al...
[ more ] [ reply ]
Such blatant MS bashing deserves al...
[ more ] [ reply ]
Re: Re: Microsoft defends Vista by mixing up memory
2006-06-06
Paul Kosinski (1 replies)
Paul Kosinski (1 replies)
Microsoft is doing a good thing, as have Linux and OpenBSD. No matter how many or few security flaws you have, "defense in depth" is always an improvement....
[ more ] [ reply ]
[ more ] [ reply ]
Microsoft defends Vista by mixing up memory
2006-06-05
Anonymous (2 replies)
Anonymous (2 replies)
"a technology that shifts the start address of frequently used code libraries after every system restart"
wow.. what a feature !!! who is going to reboot servers on a regular basis ? need at least two machines for resiliency......
[ more ] [ reply ]
wow.. what a feature !!! who is going to reboot servers on a regular basis ? need at least two machines for resiliency......
[ more ] [ reply ]
Re: Microsoft defends Vista by mixing up memory
2006-06-06
Paul Kosinski (1 replies)
Paul Kosinski (1 replies)
I think the point is that different computers will have different addresses assigned, making it impractical to easily build a virus/worm that works on all of them.
...
[ more ] [ reply ]
...
[ more ] [ reply ]
Re: Re: Microsoft defends Vista by mixing up memory
2006-06-08
Jeff H
Jeff H
Correct - the problem at the moment is that on every machine, things like the C runtime always load in exactly the same place in the per-process address space. This makes writing exploits that say, buffer-overrun into running a C runtime command, really easy.
ASLR makes this much harder because n...
[ more ] [ reply ]
ASLR makes this much harder because n...
[ more ] [ reply ]
Re: Microsoft defends Vista by mixing up memory
2006-06-06
Anonymous
Anonymous
I know what you mean. Some times it takes a while befor bigger corperations realize or admit ideas from a smaller entity may have a positive impact on there product. Or just flat out take an idea from another entity. The good thing to realize here though, Is MS is finaly taking "ideas" from the ...
[ more ] [ reply ]
[ more ] [ reply ]
Microsoft defends Vista by mixing up memory
2006-10-16
Anonymous
Anonymous
This isn't going to stop malware! It'll just reduce the speed of them.
Before malware coders worked out how to use the now age-old SEH techniques for finding the kernel base address they used the technique of searching for it in memory at 64k page displacement. For example:
mov ebx, 0x780000...
[ more ] [ reply ]
Before malware coders worked out how to use the now age-old SEH techniques for finding the kernel base address they used the technique of searching for it in memory at 64k page displacement. For example:
mov ebx, 0x780000...
[ more ] [ reply ]
[ more ] [ reply ]