Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Why Was Intel a No-Show on No Execute?

    Written by

    Larry Seltzer
    Published May 25, 2004
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      A big part of the brain surgery Microsoft is performing on Windows XP Service Pack 2 is support for new “NX” features in x86 processors. These features allow software (the Windows OS in this case) to mark certain areas of program memory as non-executable. Since a large number of remote attacks—Blaster and Sasser, for example—rely on executing code from areas not intended to hold executable code, proper use of this feature should prevent a large percentage of attacks.

      The processor companies, and I suppose Intel in particular, are getting away a little easy on this. Its all hindsight, but why havent we had this feature for years? Buffer overflows have been a big problem for a long, long time, yet weve barely begun to see CPUs from the x86 world that implement the feature.

      According to Microsofts explanation of “Execution Protection,” the companys name for NX support in Windows, the whole problem has to do with executing code out of areas of the program, basically the stack and heaps, that are reserved for data. This would generally be considered good software engineering practice anyway, but there are a few applications where it could present problems. For software that must manipulate code in a data area and then execute it, Microsoft provides a mechanism to mark the areas as executable.

      The classic example, cited by Microsoft, is a just-in-time compiler, or JIT, most famous in the Java Virtual Machine (JVM). I asked Sun about it, and they said changes were made to the JVM for Version 1.5 to support NX and then they backported these changes to the latest 1.4.2_05 release, to be released this summer. Both the 32- and 64-bit VMs support NX.

      But not all low-level software requires changes. I asked Sophos, which makes anti-virus software and also owns ActiveState, maker of Perl. Perl is interpreted rather than JIT-ed, so theres little chance it would have a problem. Their anti-virus products arent affected. Its possible to imagine certain debugger techniques causing problems, but there are workarounds for all these cases, and the tools will all be updated to mark pages as executable.

      Next page: Idea not a new one.

      Page Two

      Its not like the idea of marking areas non-executable is a new one. Intels old 16-bit segmented model prior to the 386 had features for marking segments non-executable. Because of the nature of segments, this probably would have been worthless as a security feature, but clearly they were thinking about it over 20 years ago.

      All is not perfect with NX yet. Microsoft says, for reasons I dont understand, that in 32-bit NX systems they will protect only the Windows stack, not the paged pool and other data areas. Incidentally, Linux has supported NX on AMD processors for a while now, although Im not sure whether the heap is protected.

      I used to study microprocessors pretty closely, and NX seems like an obvious feature for page-level protection. The Page Table Entry (PTE), the data structure that describes a page, has lots of free “reserved” bits, and theyve been there for almost 20 years. Meanwhile, in an era where multigigahertz PCs cost less than $500 so that users can surf the Web and do word processing as fast as they could before, a major problem that could affect everyone went ignored. What other problems are being ignored like this one?

      Intel especially should be ashamed. They had to be embarrassed into supporting NX in their upcoming Prescott processors after AMD added it to their own CPUs. And at first they resisted, expressing pointless concerns over compatibility problems that pale in comparison to the benefits of NX. Intel needs to take a good hard look at how they can make their processors better, rather than just faster.

      Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

      /zimages/1/28571.gifCheck out eWEEK.coms Security Center at http://security.eweek.com for security news, views and analysis.
      Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page: http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo2.gif

      More from Larry Seltzer

      Larry Seltzer
      Larry Seltzer
      Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement— He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×