Intel CEO spends hours keeping spyware off his daughter's P...


MacBytes
May 25, 2005, 01:16 PM

Category: Opinion/Interviews
Link: Intel CEO spends hours keeping spyware off his daughter's PC, admits Macs are the answer to security for now (http://www.macbytes.com/link.php?sid=20050525141600)

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

wordmunger
May 25, 2005, 01:33 PM
Hooboy! I bet he wishes he could take that quote back! Dang!

Cooknn
May 25, 2005, 01:48 PM

Category: Opinion/Interviews
Link: Intel CEO spends hours keeping spyware off his daughter's PC, admits Macs are the answer to security for now (http://www.macbytes.com/link.php?sid=20050525141600)

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

He didn't really say that Macs are the answer. The article quotes him: "If you want to fix it tomorrow, maybe you should buy something else." Not exactly how this thread is titled :rolleyes:

nagromme
May 25, 2005, 01:51 PM
Right, but that was his carefully-worded answer to a specific QUESTION about whether using a Mac instead of a Wintel PC is the solution.

He made sure "use a Mac" wasn't in a quotable quote, but he answered the question and made the admission nonetheless.

jsw
May 25, 2005, 01:57 PM
For those who choose not to read the article, the referred-to section is:
Pressed about security by Mr. Mossberg, Mr. Otellini had a startling confession: He spends an hour a weekend removing spyware from his daughter's computer. And when further pressed about whether a mainstream computer user in search of immediate safety from security woes ought to buy Apple Computer Inc.'s Macintosh instead of a Wintel PC, he said, "If you want to fix it tomorrow, maybe you should buy something else."

2GMario
May 25, 2005, 02:03 PM
funny that this comes days after the Apple and Intel rumor

connection ?

Cooknn
May 25, 2005, 02:11 PM
Right, but that was his carefully-worded answer to a specific QUESTION about whether using a Mac instead of a Wintel PC is the solution.

Sounded to me like a reporter who uses a Mac was pushing for the answer he wanted to hear :cool:

nagromme
May 25, 2005, 02:18 PM
Of course he was--he uses Macs for a reason--and he GOT that answer :)

Note that the answer wasn't "Linux"...

Applespider
May 25, 2005, 02:32 PM
Note that the answer wasn't "Linux"...

Nor was it, and probably more tellingly, 'Of course not, Windows is perfectly fine once you have your virus/firewall software sorted out'

mkubal
May 25, 2005, 02:35 PM
funny that this comes days after the Apple and Intel rumor

connection ?


No, coincidence. Why does everything have to be a conspiracy?

"If you want to fix it tomorrow, maybe you should buy something else."

I mean, if you're one of those weirdos who want things to work right without a hassle. Then yeah, maybe you should go get yourself a different operating system. Sissy. :rolleyes:

narco
May 25, 2005, 02:45 PM
Then why doesn't he buy his daughter a Mac?

Fishes,
narco.

Flowbee
May 25, 2005, 03:07 PM
Then why doesn't he buy his daughter a Mac?

For the same reason that the CEO of Pepsi probably doesn't have a six-pack of Coke in the fridge. ;)

iJaz
May 25, 2005, 03:20 PM
For the same reason that the CEO of Pepsi probably doesn't have a six-pack of Coke in the fridge. ;)
Because it's bad for your teeth? :confused:

;) :p

Mudbug
May 25, 2005, 03:27 PM
I think it even more telling that the head of Intel doesn't take the time to set the firewall/spyware/antivirus stuff for his daughter on their home computer. He'd rather spend 1 hour per weekend cleaning all that crap off.

Want a good look at the average joe computer user at home? I think you just got one.

mkrishnan
May 25, 2005, 03:43 PM
For the same reason that the CEO of Pepsi probably doesn't have a six-pack of Coke in the fridge. ;)

Not to mention that this is an Intel exec and not an MS exec. He doesn't need to buy his daughter a Mac to get rid of spyware and adware... Linux does that just fine. Come on, now, let's be honest. Firefox on XP does that almost as well as Linux does....

iMeowbot
May 25, 2005, 03:46 PM
In the same talk, he also made an effort to note that security isn't something that can magically be fixed overnight in hardware -- as in, don't blame us for Windows, Intel just make the hardware.

Neuro
May 25, 2005, 05:07 PM
In the same talk, he also made an effort to note that security isn't something that can magically be fixed overnight in hardware -- as in, don't blame us for Windows, Intel just make the hardware.

Exactly, - if you want to run Windows then you have to deal with the associated problems like any OS, but who cares - most people want to run Windows, so Intel still makes their dosh!

Sounds to me like a switched on kind of guy. Intel chips are good, most people just don't like the current Windows OS. Way too many people treat them as the same company.

I have a lot of respect for a CEO who deals in reality rather than marketing...

solvs
May 25, 2005, 05:40 PM
I think it even more telling that the head of Intel doesn't take the time to set the firewall/spyware/antivirus stuff for his daughter on their home computer. He'd rather spend 1 hour per weekend cleaning all that crap off.

Want a good look at the average joe computer user at home? I think you just got one.
Even when I set my work machine's software firewall on high (we have a hardware firewall as well), have several anti-spyware apps running, and virus scanners on both the machine and the server, never download any programs or ss or anything, as well as run Firefox as much as I can... I still somehow get the stuff. Some users' machines that I have to troubleshoot are even worse, and we've done all of the above and lock them down tight. It's a lot of effort and yet we still have issues. Kinda funny to know the big wigs have the same problems.

But still, me thinks his daughter d/l's too much freeware and porn via IE. :p

nagromme
May 25, 2005, 05:55 PM
Something I didn't realize until recently:

x86 chip hardware is part of the Wintel security problem. Not just the many flaws in Windows itself.

An example is discussed here:
http://www.cio-today.com/story.xhtml?story_id=12100002EAEW

"...attacks on Wintel tend to have two parts: A software vulnerability is exploited to give a remote attacker access to the x86 hardware and that access is then used to gain control of the machine...

"The vulnerability exists in Microsoft's code, but the exploit depends on the rigid stack-order execution and limited page protection inherent in the x86 architecture. If Windows ran on Risc, that vulnerability would still exist, but it would be a non-issue because the exploit opportunity would be more theoretical than practical.

Linux and open-source applications are thought to have far fewer software vulnerabilities than Microsoft's products, but Linux on Intel is susceptible to the same kind of attacks as those now predominantly affecting Wintel users. For real long-term security improvements, therefore, the right answer is to look at Linux, or any other Unix, on non x86 hardware.

One such option is provided by Apple's BSD-based products on the PowerPC-derived G4 and G5 CPUs."

(Emphasis added.)

plinden
May 25, 2005, 06:06 PM
Even when I set my work machine's software firewall on high (we have a hardware firewall as well), have several anti-spyware apps running, and virus scanners on both the machine and the server, never download any programs or ss or anything, as well as run Firefox as much as I can... I still somehow get the stuff. Some users' machines that I have to troubleshoot are even worse, and we've done all of the above and lock them down tight. It's a lot of effort and yet we still have issues. Kinda funny to know the big wigs have the same problems.

Wow. I diss Windows as much as anyone (I do have to work with it every day, after all) but I don't really go out much of my way to keep my PC safe (I have a router, and one virus scanner, and use MSIE only for updates). In more than 15 years of using PCs, I've never had anything more serious than a tracking cookie, except for a virus that infected a work PC when a cow-orker (yes, he orked cows) used an infected floppy on it.

iMeowbot
May 25, 2005, 06:32 PM
"The vulnerability exists in Microsoft's code, but the exploit depends on the rigid stack-order execution and limited page protection inherent in the x86 architecture. If Windows ran on Risc, that vulnerability would still exist, but it would be a non-issue because the exploit opportunity would be more theoretical than practical.

Yikes, that is some dangerous wording. Stack overflows can be harder to exploit under some RISC implementations, but buffer overflows are another story. For example, nemo's overflow exploit, addressed by 10.3 security update 2005-004, reliably opened a root shell. (We're rather lucky that nemo is one of the good guys, that's one devious kitty.)

Analog Kid
May 25, 2005, 06:56 PM
[Deleted-- realized what I thought was new to the discussion was actually mentioned in the article...]

Analog Kid
May 25, 2005, 07:09 PM
Yikes, that is some dangerous wording. Stack overflows can be harder to exploit under some RISC implementations, but buffer overflows are another story. For example, nemo's overflow exploit, addressed by 10.3 security update 2005-004, reliably opened a root shell. (We're rather lucky that nemo is one of the good guys, that's one devious kitty.)

So, what's the difference between a stack overflow and a buffer overflow? Seems to me that overflowing a buffer in the heap is just a shot in the dark (and likely to throw a seg fault) while overflowing a buffer on the stack lets you get to the program counter...

I might be wrong about this, but my understanding was that some of the reason the PPC is harder to root is that you can't execute code from data memory. On x86 memory is memory and you can execute from a data segment but on PPC there are separate code and data segments (all in one big happy DRAM bank mind you...).

I'm quoting that from vague memory-- can anyone confirm it?

nagromme
May 25, 2005, 08:02 PM
Analog Kid - that sounds like what I read somewhere recently about PPC vs. x86--about an overflow on PPC needing a lot more blind luck, and about two separated memory areas--but I'm afraid I don't recall where.

iMeowbot
May 25, 2005, 09:00 PM
So, what's the difference between a stack overflow and a buffer overflow? Seems to me that overflowing a buffer in the heap is just a shot in the dark (and likely to throw a seg fault) while overflowing a buffer on the stack lets you get to the program counter...

PPC uses a very different calling convention from X86, so of course the same exploit conventions wouldn't work. And it doesn't really matter, since the two aren't even nominally binary compatible.

In brief, there isn't a practical way to take over the executing function, but it's not at all hard to overwrite the return address of its caller. So, it's only a small and very predictable amount of data that has to be pushed out into the stack, and then it's back to memory which is very predictable.

Execution in or out of order isn't too big of a deal here, since that address still has to be pushed back into lr sooner or later.

I might be wrong about this, but my understanding was that some of the reason the PPC is harder to root is that you can't execute code from data memory. On x86 memory is memory and you can execute from a data segment but on PPC there are separate code and data segments (all in one big happy DRAM bank mind you...).

See, that's the thing, control is gained by depositing an address, you can add code rather than alter.

[edit] Ah, found the link, here (http://fux0r.phathookups.com/whitepapers/PPC%5B1%5D.OSX.SA.pdf). It explains the typical sort of vulnerability, including example vulnerable code, and shows how it is exploited. This is good reading for anyone writing PPC software, to help understand what mistakes really need to be avoided.

bentley
May 26, 2005, 11:56 AM
he should tell his daughter to stop looking at porn and downloading warez

It's relatively easy to keep a PC clean without doing an hour per weekend.

Not as effortless as a Mac but it's not some uncontrollable plague type deal if you know what you're doing.

Applespider
May 26, 2005, 12:26 PM
Not as effortless as a Mac but it's not some uncontrollable plague type deal if you know what you're doing.

Key Quote - if you know what you're doing, which the average consumer doesn't. I know people who have very few problems with their XP machines but I know a lot more who do, and a few who have given up using their home machines except in emergencies because they're so slowed down and they don't know how to fix them.

nagromme
May 26, 2005, 01:05 PM
Furthermore: I don't want to have to know what I'm doing!

I want to know how to create, game, communicate... how to USE my computer. Not how to MAINTAIN my computer.

The latter task asks a lot more of you on Windows--time AND expertise--and I don't know why so many people find that acceptable.

So often people say something that amounts to "Windows is basically good enough if you have the technical training you ought to have, and take extra precautions." (Often that includes third-party utils and paid anti-virus services too.)

Analog Kid
May 27, 2005, 03:10 AM
In brief, there isn't a practical way to take over the executing function, but it's not at all hard to overwrite the return address of its caller. So, it's only a small and very predictable amount of data that has to be pushed out into the stack, and then it's back to memory which is very predictable.

Execution in or out of order isn't too big of a deal here, since that address still has to be pushed back into lr sooner or later.

See, that's the thing, control is gained by depositing an address, you can add code rather than alter.

Right, this is well understood. My question was about the distinction you were making between stack overflows and buffer overflows... The exploit you are describing sounds like overflowing into another stack frame to corrupt the return address. Yes, it is accomplished by overflowing a buffer-- but it is overflowing a buffer on the stack. Sounds like two phrases for the same technique. If you are describing the simpler buffer overflow, I'm not sure what a stack overflow would be...
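
The case debated in the thread, a buffer on the stack overflowing into the saved return address, modelled as an added example that is not part of any poster's message. The frame layout, `BUF_LEN`, the address `0x1000` and all function names are assumptions made for illustration; real PPC and x86 frames differ in detail, and the model uses a plain byte array so nothing is actually written out of bounds.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16  /* size of the local buffer (constructed value) */

/* Simulated stack region: a local buffer immediately followed by the slot
 * that holds the saved return address (assumed layout, for illustration). */
struct frame { unsigned char bytes[BUF_LEN + sizeof(uintptr_t)]; };

static void frame_init(struct frame *f, uintptr_t ret) {
    memset(f->bytes, 0, sizeof f->bytes);
    memcpy(f->bytes + BUF_LEN, &ret, sizeof ret);
}

static uintptr_t frame_ret(const struct frame *f) {
    uintptr_t ret;
    memcpy(&ret, f->bytes + BUF_LEN, sizeof ret);
    return ret;
}

/* Models a strcpy-style copy that trusts the input length. Clamped to the
 * simulated region so the demo itself never writes out of bounds. */
static void copy_unchecked(struct frame *f, const void *src, size_t n) {
    if (n > sizeof f->bytes) n = sizeof f->bytes;
    memcpy(f->bytes, src, n);
}

/* Hardened copy: rejects input that does not fit the local buffer. */
static int copy_checked(struct frame *f, const void *src, size_t n) {
    if (n > BUF_LEN) return -1;
    memcpy(f->bytes, src, n);
    return 0;
}

/* Returns 1 if the saved return address survives a copy of n input bytes. */
static int ret_survives(size_t n, int checked) {
    unsigned char input[64];
    struct frame f;
    const uintptr_t saved = (uintptr_t)0x1000;  /* constructed placeholder */
    memset(input, 'A', sizeof input);
    if (n > sizeof input) n = sizeof input;
    frame_init(&f, saved);
    if (checked) copy_checked(&f, input, n);
    else copy_unchecked(&f, input, n);
    return frame_ret(&f) == saved;
}

int main(void) {
    printf("unchecked 16: %d, unchecked 24: %d, checked 24: %d\n",
           ret_survives(16, 0), ret_survives(24, 0), ret_survives(24, 1));
    return 0;
}
```

A single byte past the buffer is enough to change the saved address in this model, which is why the length check belongs before the copy rather than after it.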