BYTE.com > Chaos Manor > 2005
Losing the Worm War
By Jerry Pournelle
May 31, 2005
Column 298 (Continued from the Previous Week)
Longhorn, XP, and Security
Longhorn is supposed to end a lot of security worries. Among other security features, it will have ways to segregate instructions that can be executed from data areas that contain executable instructions. This feature is already present in XP Service Pack 2, known alternately as "Data Execution Prevention" (DEP) or "No Execute" (NX): follow the menus through the System Control Panel to the Advanced tab to the Performance button to the Data Execution Prevention tab. It only works on 64-bit-ready systems (AMD's Athlon64 and Opterons or the latest Intel Pentium 4 chips). If your system doesn't support DEP, you'll see a message saying so.
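What the NX bit enforces can be seen in a short C program. This is an added example, not code from the column or from Microsoft: it assumes a Linux system with GCC or Clang on x86 or ARM64, uses POSIX mmap and fork rather than the Windows API, and run_from_page is a name made up here.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* A single "return" instruction for the CPU this is compiled for. */
#if defined(__aarch64__)
static const unsigned char RET_INSN[] = {0xc0, 0x03, 0x5f, 0xd6};
#else /* x86 and x86-64 */
static const unsigned char RET_INSN[] = {0xc3};
#endif

/* Copy RET_INSN into a fresh page and call it from a child process.
 * make_exec != 0: page is switched to read+execute before the call.
 * make_exec == 0: page stays read+write, i.e. an ordinary data area.
 * Returns 0 if the call returned, the signal number if the child was
 * killed, or -1 on a setup failure. */
int run_from_page(int make_exec)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        long sz = sysconf(_SC_PAGESIZE);
        void *page = mmap(NULL, (size_t)sz, PROT_READ | PROT_WRITE,
                          MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (page == MAP_FAILED) _exit(2);
        memcpy(page, RET_INSN, sizeof RET_INSN);
        if (make_exec && mprotect(page, (size_t)sz, PROT_READ | PROT_EXEC) != 0)
            _exit(2);
        __builtin___clear_cache((char *)page, (char *)page + sizeof RET_INSN);
        void (*fn)(void);
        memcpy(&fn, &page, sizeof fn);   /* data pointer -> code pointer */
        fn();                            /* faults here if page is not executable */
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void)
{
    int data = run_from_page(0);   /* data page: killed by SIGSEGV */
    int code = run_from_page(1);   /* executable page: returns normally */
    return (data == SIGSEGV && code == 0) ? 0 : 1;
}
```

The same bytes run or fault depending only on the page's permissions, which is the separation of data from executable instructions that DEP applies to a process's data areas.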
DEP sounds like strong type checking, and after the security session I put it to the Microsoft presentation team headed by Dave Aucsmith, Security Architect and CTO of the Microsoft Security Business and Technology unit: "If XP had been built in a strongly typed language with range checking—say Modula-2, or even Ada—wouldn't most buffer overflow worms starve to death?"
It was a moment of triumph when they all agreed. After all, I've only been making this argument since about 1982.
But gloat as I might, the security problem is severe, and if we had to wait for Longhorn we might not have a computer industry left.
The typical code exploit begins in a laboratory where someone finds a vulnerability. The finder is about as likely to be an academic as an industry employee. Most exploits are privately reported to Microsoft, which sets up a team to generate a patch. A few academics have insisted on going public with an announcement of the vulnerability at the same time it's reported to Microsoft, but typically the discoverer waits to make the public announcement until the patch is ready. The patch goes out, and is applied, at least by those who know and care.
Now the worm writers have the patch. The new code is disassembled and reverse-engineered to find the vulnerability.