Holland Bans AMD's 'Virus Protection' Campaign

← Back to Stories (view on slashdot.org)

Holland Bans AMD's 'Virus Protection' Campaign

Posted by timothy on Tuesday December 28, 2004 @06:02PM from the puffery-is-strictly-for-cafes dept.

Hack Jandy writes "For those of you who didn't see this coming, AMD's Advanced Virus Protection campaign has been banned in Holland since the technology does (almost) nothing to stop viruses! If you recall, AMD's NX bit attempts to stop the processor from executing pages on the stack that have been written to. Does NX even solve more problems than it causes?"

3 of 330 comments (clear)

How do you explain it to Joe Sixpack? by LostCluster · 2004-12-28 18:03 · Score: 5, Informative

What the "NX bit" actually does is a pretty nice thing for preventing buffer overflows... if a segment of memory is marked for data use and then the code execution point somehow arrives there, you get a crash-out instead of the execution of arbitrary code.

Of course, AMD's problem is finding a way to try to communicate that concept to the average user. Joe Sixpack doesn't even know what buffer overflow problem is, so they don't understand why they need a solution to that problem. AMD is trying to use the concept of "virus prevention" instead, but apparently they've gone too far in implying that the NX bit eliminates the need for conventional anti-virus methods, which it most certainly does not.

This is an extra set of suspenders, not a new belt.
1. Re:How do you explain it to Joe Sixpack? by rale,+the · 2004-12-28 20:36 · Score: 5, Insightful
  
  I have to call you on this one. It's only a "pretty nice thing" in theory, since the option has to be enabled during the compilation of the binary.
  
  Sorry, but this isn't true - NX protection has nothing to do with compiling binaries. It is runtime protection.
  
  In Windows (even XPsp2), this is only enabled for certain MS-created services that listen on ports. It has to run in PAE mode. Not every application is protected. Significantly, the user-space apps are not protected. You have to specify /PAE option, despite what MS says [microsoft.com].
  
  This is unfortunate but true, the default for processors that support it really should have been to turn it on for all apps. As it is, you have to go into Control Panel->System->Advanced->Performance->Data Exec Protection and enable it for all apps yourself. It does work quite exactly how it should when you do, tho - warning you and shutting down apps that attempt to execute data as code.
  
  So, moderators. How does the original post deserve such a high ranking? It's factually incorrect on a few points, and just makes general statements about "safety is good". The trend appears to be that early posters get points, and everyone else carps and trolls. What a shit hole slashdot has become. (I can recall when a 90-post story was big news, and most of the posts were useful... but don't get me started.)
  
  So, moderators, how does an AC who posts factually incorrect statements also get a +4 Insightful? Is it just because he said "So, moderators"?
Does it rely... by nathan+s · 2004-12-28 18:13 · Score: 5, Funny

Does this NX thing rely on the evil bit? If so, no wonder it doesn't work! *duck*

--
picpix image polls. create - share - vote. fun!