So, digg fans, you wanna see Alex in between his rock and a hard place?
Monday, February 19, 2007
Sunday, February 11, 2007
Hardware DEP Always On, please
Windows XP SP2 introduced Hardware DEP, which was then at first only available to 2 AMD processors and One type (Itanium) Intel processor.
IrfanView will run fine in Opt-Out mode, but NOT Always On mode (because stack pages that look like data are actually code that Irfan wants to run - unnecessarily. This is a very easy fix on Irfan's part, according to Gibson, and any other programmer familiar with Stack loading, hence the occasional overflows, but certainly critical in running bad hacks.)
Multiple Boot.ini files (or use DEPuty, a program written by PC Security Expert,
Live C programming is just a limited work-around, according to Gibson.
ASLR is not available for XP natively, however there is some freeware that DOES add ASLR to Windows XP SP2, and combined with Hardware DEP Always On and programmers stop sending executable code to stack pages for execution, then hackers will almost have a ZERO uptime in PC memory.
Microsoft's software DEP is NOT DEP (it will only block a very specific overflow problem, and that was so 5 years ago).
ALL processors made now and in the future will most probably have Hardware DEP and have it enabled by default as ALWAYS ON.
ALWAYS ON (Strongest - most problems)
OPT OUT (Strong - not many problems for the old-school coders using stack executable code)
OPT IN (weakest - mostly for testing malicious hacks on purpose)
ALWAYS OFF (non-existent)
<-- copyright 2005+ by Dan Prowse -->
IrfanView will run fine in Opt-Out mode, but NOT Always On mode (because stack pages that look like data are actually code that Irfan wants to run - unnecessarily. This is a very easy fix on Irfan's part, according to Gibson, and any other programmer familiar with Stack loading, hence the occasional overflows, but certainly critical in running bad hacks.)
Multiple Boot.ini files (or use DEPuty, a program written by PC Security Expert,
Steve Gibson
The MS Control Panel Opt-In / Opt-Out modes switch does NOT let you choose Always On or Always Off modes - which are ONLY available out-of-the-box through the BIOS settings. Some BIOSes will turn Hardware DEP to Always OFF, without the ability for you to turn in Always ON.Live C programming is just a limited work-around, according to Gibson.
ASLR is not available for XP natively, however there is some freeware that DOES add ASLR to Windows XP SP2, and combined with Hardware DEP Always On and programmers stop sending executable code to stack pages for execution, then hackers will almost have a ZERO uptime in PC memory.
Microsoft's software DEP is NOT DEP (it will only block a very specific overflow problem, and that was so 5 years ago).
ALL processors made now and in the future will most probably have Hardware DEP and have it enabled by default as ALWAYS ON.
ALWAYS ON (Strongest - most problems)
OPT OUT (Strong - not many problems for the old-school coders using stack executable code)
OPT IN (weakest - mostly for testing malicious hacks on purpose)
ALWAYS OFF (non-existent)
<-- copyright 2005+ by Dan Prowse -->
Wednesday, February 07, 2007
Porn: "The Perfect Porn Storms"
Leo LePorte said it. I say it.
If you let your Internet porn filter licenses lapse, then you have yourself to blame.
If I am surfing the net on YOUR equipment, and then all of a sudden I start getting multiple, uncontrollable pop-up windows full of PORN, and YOU blame ME - I WILL sue you.
I will sue you as sure as you read this.
"You have to physically click on this in order to get these kind of sites". The person who says that to you better be looking for another job in a field OTHER THAN IT.
<-- copyright 2007+ by Dan Prowse -->
If you let your Internet porn filter licenses lapse, then you have yourself to blame.
If I am surfing the net on YOUR equipment, and then all of a sudden I start getting multiple, uncontrollable pop-up windows full of PORN, and YOU blame ME - I WILL sue you.
I will sue you as sure as you read this.
"You have to physically click on this in order to get these kind of sites". The person who says that to you better be looking for another job in a field OTHER THAN IT.
<-- copyright 2007+ by Dan Prowse -->
Subscribe to:
Posts (Atom)
