[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200405171517.i4HFHjlA014699@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Support the Sasser-author fund started
On Mon, 17 May 2004 13:33:44 +0200, Ondrej Krajicek <krajicek@....muni.cz> said:
> > we're faster". Add on an the required anti-virus program monitoring
> > packets in and out and watch your performance drop as that eliminates
> > the whole concept behind DMA as now you have to route all data through
> > the host cpu anyways. Pretty soon, we'll need AV signature engines
> > encoded in the data bus of Windows machines in silicon. I wouldn't be
> > surprised if Intel or AMD had a skunkworks project on this very problem.
"Palladium". It's more about DRM than about real security (think about it -
if somebody find yet another IIS exploit, the buffer overflow will run in the IIS
context same as it does now....
> IMHO the data are routed through host CPU anyway, DMA is not as clever
> to locate the proper file in the proper filesystem on the proper
> volume and pass them to the proper network card. You're right that the=20
> CPU does not have to process every single bit of each (?) file.
> But this could be solved by used more advanced bus architecture
> (PCIX or even something faster) and adding more CPU. Dedicated anti-virus
> chip is a thing which I hope is not going to happen.
Hmm.. let me get this straight - I can run something like SELinux and get
snappy performance on a 700mz PentiumIII, but to get security out of Windows
I'll need even MORE CPU and a PCIX? What's wrong with this picture?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040517/284240e4/attachment.bin
Powered by blists - more mailing lists