Linked by Thom Holwerda on Thu 16th Aug 2007 23:25 UTC, submitted by Jonas Persson
Windows "Gutmann generated a lot of heat last December with the publication of a paper that called Windows Vista's Content Protection scheme 'the longest suicide note in history'. He updated it in April, mostly to call his critics names, and he updated it yet again yesterday with a top-of-the-page slam at my ZDNet colleague George Ou, who took exception with some of Gutmann's claims yesterday. Gutmann has a flair for melodramatic language and headline-grabbing phrases, but his theoretical arguments against Vista's video subsystem fall apart quickly when they make contact with the real world."
Thread beginning with comment 264832
RE[15]: OSnews.com
by makfu on Tue 21st Aug 2007 19:07 UTC in reply to "RE[14]: OSnews.com"

"I see nothing in what you have shown me, and nothing that I could find on technet, that makes me believe otherwise. Stop yelling and either prove it with relevant links, or just give up"

I have provided an accurate explanation of HOW NX works in x86 architectures. Details YOU YOURSELF can verify with windbg by viewing the PTEs on NX protected pages. Furthermore, 1 minute spent googling NX and PAE will net you plenty of documentation that confirms my FACTUAL statements that NX is a function of the PAE spec and that a PAE enabled kernel and a PAE mode capable processor are required for NX (hardware DEP) support with all 32-bit x86 Operating Systems.

I am astonished that you continue to pursue this topic when your grasp of the topic at hand so clearly indicates you are beyond your depth. Arguing that PAE and NX are separate is like arguing that the sky is green. Anyone who has spent 15 minutes reading even the most rudimentary documentation on the subject knows that the NX implementation for 32-bit x86 systems is specifically and intrinsically linked to PAE. END OF STORY.

If you wish to LEARN something about PAE and NX, go back and read my posts (or ignore them) and read the linked info below. This is my last post on this subject.

Starting with an article from AMD (the company that extended the PAE spec to include NX, a solution Intel later adopted as XD):

http://developer.amd.com/articlex.jsp?id=143

"When used on a 32-bit operating system, the OS has to support Physical Address Extension mode, also known as PAE; you can't use NX if the processor is only doing normal paging. PAE mode is supported by most modern 32-bit operating systems."

http://support.microsoft.com/kb/875352

"Beginning with Windows XP SP2, the 32-bit version of Windows uses one of the following:

• The no-execute page-protection (NX) processor feature as defined by AMD.

• The Execute Disable Bit (XD) feature as defined by Intel.

To use these processor features, the processor must be running in Physical Address Extension (PAE) mode. However, Windows will automatically enable PAE mode to support DEP. Users do not have to separately enable PAE by using the /PAE boot switch."


http://technet.microsoft.com/en-us/library/bb457155.aspx

"Beginning with Windows XP Service Pack 2, the 32-bit version of Windows utilizes the no-execute page-protection (NX) processor feature as defined by AMD or the Execute Disable bit feature as defined by Intel. In order to use these processor features, the processor must be running in Physical Address Extension (PAE) mode."

http://kerneltrap.org/node/3240 - Linux x86 NX support

"What does this patch do? The pagetable format of current x86 CPUs does not have an 'execute' bit. This means that even if an application maps a memory area without PROT_EXEC, the CPU will still allow code to be executed in this memory. This property is often abused by exploits when they manage to inject hostile code into this memory, for example via a buffer overflow.

The NX feature changes this and adds a 'dont execute' bit to the PAE pagetable format. But since the flag defaults to zero (for compatibility reasons), all pages are executable by default and the kernel has to be taught to make use of this bit."

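An added example, not part of the original comment or of any linked source: it decodes the same page-table entries under the legacy 32-bit format and the 64-bit PAE format to show why NX needs PAE, and counts pages that are both writable and executable, as a W^X audit would. The sample entries are constructed, the function names are hypothetical, and it assumes EFER.NXE is set so that bit 63 is honoured.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Flag bits common to both x86 page-table entry formats. */
#define PTE_PRESENT  (1ULL << 0)
#define PTE_WRITABLE (1ULL << 1)
/* Bit 63 exists only in the 64-bit PAE entry. Assumption: EFER.NXE is set,
   so the CPU honours it as no-execute. */
#define PTE_NX       (1ULL << 63)

typedef struct { bool present, writable, executable; uint64_t frame; } pte_info;

/* Legacy 32-bit entry: bits 12-31 are the frame, bits 0-11 are flags.
   There is no execute-control bit, so every present page is executable. */
pte_info decode_legacy_pte(uint32_t pte) {
    bool p = (pte & PTE_PRESENT) != 0;
    return (pte_info){ p, (pte & PTE_WRITABLE) != 0, p, pte >> 12 };
}

/* PAE 64-bit entry: frame starts at bit 12 (up to bit 51), bit 63 is NX. */
pte_info decode_pae_pte(uint64_t pte) {
    bool p = (pte & PTE_PRESENT) != 0;
    return (pte_info){ p, (pte & PTE_WRITABLE) != 0, p && !(pte & PTE_NX),
                       (pte & 0x000FFFFFFFFFF000ULL) >> 12 };
}

/* Count present pages that are both writable and executable (W+X). */
size_t count_wx(const uint64_t *ptes, size_t n, bool pae) {
    size_t hits = 0;
    for (size_t k = 0; k < n; k++) {
        pte_info i = pae ? decode_pae_pte(ptes[k])
                         : decode_legacy_pte((uint32_t)ptes[k]);
        hits += i.present && i.writable && i.executable;
    }
    return hits;
}

/* Constructed sample entries (not taken from a real system). */
const uint64_t SAMPLE[] = { 0x8000000012345067ULL, 0x0000000012346025ULL,
                            0x0000000012347067ULL, 0x8000000012348066ULL };

int main(void) {
    printf("W+X pages, PAE view: %zu\n", count_wx(SAMPLE, 4, true));
    printf("W+X pages, legacy view: %zu\n", count_wx(SAMPLE, 4, false));
    return 0;
}
```

Truncating the entries to 32 bits drops bit 63, so the writable data page that PAE marks no-execute is counted as W+X in the legacy view.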