Bugtraq mailing list archives
Re: http://www.smashguard.org
From: Crispin Cowan <crispin () immunix com>
Date: Sat, 07 Feb 2004 15:44:46 -0800
Hilmi Ozdoganoglu wrote:
> Agreed, the software based approach does not take a significant performance hit, but the hardware approach is transparent to the user and does not require recompilation of the source code. Therefore, all programs can run securely on a machine whether or not they are "compiled securely" (e.g. legacy software).

Utter nonsense. Legacy software has to be recompiled to use the new CPU instruction set. A new CPU architecture is vastly *more* intrusive than a new compiler.

> The idea is not to create "custom CPUs" but to have our modification picked up by major vendors. Clearly there is interest in applying hardware to solve security issues based on the latest press releases from AMD that AMD chips include buffer-overflow protection (see Computer World, January 15, 2004).

As Theo said, the AMD buffer overflow "protection" is nothing more than sensible separation of R and X bits per page, fixing a glaring and anomalous defect in the original 386 MMU. Many CPUs before and since had this feature, and it was just Intel slop in the early 1980s that developed an MMU (and associated instruction set) that mistakenly treated R and X per page as one bit.

Crispin
--
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix  http://immunix.com
Immunix 7.3  http://www.immunix.com/shop/