Slashdot Mirror


AMD Could Profit from Buffer-Overflow Protection

spin2cool writes "New Scientist has an article about how AMD and Intel are planning on releasing new consumer chips with built-in buffer-overflow protection. Apparently AMD's chips will make it to market first, though, which some analysts think could give AMD an advantage as the next round of chips are released. The question will be whether their PR department can spin this into a big enough story to sell to the Average Joe."

9 of 631 comments (clear)

  1. Code rewrites going to be needed? by PornMaster · · Score: 5, Interesting

    I know that people using standard APIs might be fine, but I can't help but wonder how many applications will not work because of it. While there probably aren't many self-modifying code apps out there, there are surely some. Will they be affected?

    1. Re:Code rewrites going to be needed? by chamilto0516 · · Score: 5, Interesting
      Self modifying code apps would be affected. And I think that is a good thing because you would want to ferret out such things in your systems.

      Writing self-modifying code was the first thing my Assembler instructor put his foot down and said, "bad idea, don't even think about it." I could see you could do it easily with assembler.

      I would entertain listening to cases where self-mod'ing code has its place.

      --
      Magic Eight Ball: Outlook not so good., Hmmm, how about Excel and Word?
  2. Re:Pathetic by strictnein · · Score: 5, Interesting

    It's pathetic that AMD has to fix M$'s bugs...

    How is this insightful? First of all, any post that uses the $ is Microsoft's name should be modded -1, 14 year old poster.

    As if buffer overflows really had much to do with the OS. It has a lot more to do with poor coding. Try the following searches for more info:

    linux buffer overflow
    bsd buffer overflow
    OS X buffer overflow
    Solaris buffer overflow
    And yes, everyone's favorite:
    windows buffer overflow

  3. Old news by Todd+Knarr · · Score: 5, Interesting

    This existed in the 8086 and 8088 CPUs. You seperate your program into code, data and stack segments and load the appropriate segment registers. Code segments can't be read or written, data and stack segments can't be executed. But stupid programmers decided that that kept you from playing games with code-as-data and data-as-code, so they created flat addressing mode with all segment registers pointing at a single segment. Feh. Those who don't read history are doomed to repeat it. Badly.

  4. Execution bit on MMU Pages by adisakp · · Score: 5, Interesting

    For what it's worth... many processors, like the PowerPC series have had this "buffer overflow protection" feature for years. The idea is to mark program code pages after they are loaded as executeable and read-only. No other pages are marked executeable. It destroys clever little hacks like self-modifying code but at the same time, makes it impossible for buffer overflows to introduce new code into a programs executeable code page set.

  5. The Average Joe? by SpaceRook · · Score: 5, Interesting

    The average joe can't even figure out that he shouldn't open email attachments from people he doesn't know (Exhibit A: MyDoom). You really think he knows what the fuck a buffer overflow is? "No buffer overflow? But what if I *want* overflow! More is better!" I applaud this security feature, but don't think of it as a selling point for typical users.

  6. Re:AMD needs better marketing by Neil+Watson · · Score: 5, Interesting

    It's frightening that even vendors believe in marketing. I meet with vendor one day to discuss supplying us with generic computers. I told them that most of our desktops were Durons. They gasped and stated they could not recommend such things. Stating that they would quote us Intel to "ensure stability". I asked them to cite proof that AMD systems were unstable. They could not but implied that it was common knowledge.

  7. Re:Nope by Inuchance · · Score: 5, Interesting

    I think a good commercial would having hackers trying to break into a computer, and then a big "ACCESS DENIED" error shows, and one of the hackers exclaims, "No good, they've got the latest AMD CPU!" And then some announcer says something like, "With the latest CPUs from AMD, your computer executes only what YOU want it to, not what THEY [flash over to image of frustrated hackers] want!"

  8. Re:Linux support by Tony+Hoyle · · Score: 5, Interesting

    It's been implemented in Linux since about 6 months ago, at least on the amd64 branch.

    http://www.x86-64.org/lists/discuss/msg03469.htm l