From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: To: DAGwyn@null.net, 9fans@cse.psu.edu Subject: Re: [9fans] pathetic From: dbailey27@ameritech.net In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Date: Thu, 26 Feb 2004 08:42:34 -0500 Topicbox-Message-UUID: f9c66d84-eacc-11e9-9e20-41e7f4b1d025 > The attacker gets less > control if he can't force-feed instructions, but he can still > wreak havoc. Not to mention the fact that we don't know how much a given OS is going to implement the new paging semantics, if at all. For all we know, Microsoft could use the media hype surrounding this *miraculous* NE bit to fuel sales for their "professional" line of server or business platforms. Use a cheaper Windows and you might get hacked! Obviously, we still haven't begin to poke at the semantics behind heap pages being executable. You may overflow a buffer in a NE page, but can you point to an executable heap page you've previously written to? There are a million-and-one more scenarios here we've all hashed over more than once. This doesn't change a thing but an increase in AMD's stock value, and Microsoft's later when they implement, then promote it. I've got no problem with capitalism, but let's look at the facts. This only alters an attacker's method. It doesn't even make them step in to uncharted territory. Don (north_)