| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4025786E.8080703@immunix.com> Date: Sat, 07 Feb 2004 15:44:46 -0800 From: Crispin Cowan <crispin@...unix.com> To: Hilmi Ozdoganoglu <cyprian@...due.edu> Cc: Dave Paris <dparis@...orks.com>, bugtraq@...urityfocus.com Subject: Re: http://www.smashguard.org Hilmi Ozdoganoglu wrote: > Agreed, the software based approach does not take a significant >performance hit, but the hardware approach is transparent to the user >and does not require recompilation of the source code. Therefore, all >programs can run securely on a machine whether or not they are "compiled >securely" (e.g. legacy software). > Utter nonsense. Legacy software has to be recompiled to use the new CPU instruction set. A new CPU architecture is vastly *more* intrusive than a new compiler. >The idea is not to create "custom CPUs" but to have our modification >picked up by major vendors. Clearly there is interest in applying >hardware to solve security issues based on the latest press releases >from AMD that AMD chips include buffer-overflow protection (see >Computer World, January 15, 2004). > As Theo said, the AMD buffer overflow "protection" is nothing more than sensible separation of R and X bits per page, fixing a glaring and anomalous defect in the original 386 MMU. Many CPUs before and since had this feature, and it was just Intel slop in the early 1980s that developed an MMU (and associated instruction set) that mistakenly treated R and X per page as one bit. Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ CTO, Immunix http://immunix.com Immunix 7.3 http://www.immunix.com/shop/
Powered by blists - more mailing lists