1. Welcome to the new MacRumors forums. See our announcement and read our FAQ

Intel CEO spends hours keeping spyware off his daughter's P...

Discussion in 'MacBytes.com News Discussion' started by MacBytes, May 25, 2005.

  1. macrumors bot

  2. macrumors 603

    wordmunger

    #2
    Hooboy! I bet he wishes he could take that quote back! Dang!
     
  3. macrumors 68020

    Cooknn

    #3
  4. macrumors G5

    nagromme

    #4
    Right, but that was his carefully-worded answer to a specific QUESTION about whether using a Mac instead of a Wintel PC is the solution.

    He made sure "use a Mac" wasn't in a quotable quote, but he answered the question and made the admission nonetheless.
     
  5. jsw
    Moderator emeritus

    jsw

    #5
    For those who choose not to read the article, the referred-to section is:
     
  6. macrumors regular

    #6
    funny that this comes days after the Apple and Intel rumor

    connection ?
     
  7. macrumors 68020

    Cooknn

    #7
    Sounded to me like a reporter who uses a Mac was pushing for the answer he wanted to hear :cool:
     
  8. macrumors G5

    nagromme

    #8
    Of course he was--he uses Macs for a reason--and he GOT that answer :)

    Note that the answer wasn't "Linux"...
     
  9. macrumors G4

    Applespider

    #9
    Nor was it, and probably more tellingly, 'Of course not, Windows is perfectly fine once you have your virus/firewall software sorted out'
     
  10. macrumors 6502a

    #10

    No, coincidence. Why does everything have to be a conspiracy?

    I mean, if you're one of those weirdos who want things to work right without a hassle. Then yeah, maybe you should go get yourself a different operating system. Sissy. :rolleyes:
     
  11. macrumors 65816

    narco

    #11
    Then why doesn't he buy his daughter a Mac?

    Fishes,
    narco.
     
  12. macrumors 68030

    Flowbee

    #12
    For the same reason that the CEO of Pepsi probably doesn't have a six-pack of Coke in the fridge. ;)
     
  13. macrumors 6502a

    iJaz

    #13
    Because it's bad for your teeth? :confused:

    ;) :p
     
  14. Administrator emeritus

    Mudbug

    #14
    I think it even more telling that the head of Intel doesn't take the time to set the firewall/spyware/antivirus stuff for his daughter on thier home computer. He'd rather spend 1 hour per weekend cleaning all that crap off.

    Want a good look at the average joe computer user at home? I think you just got one.
     
  15. Moderator emeritus

    mkrishnan

    #15
    Not to mention that this is an Intel exec and not an MS exec. He doesn't need to buy his daughter a Mac to get rid of spyware and adware... Linux does that just fine. Come on, now, let's be honest. Firefox on XP does that almost as well as Linux does....
     
  16. macrumors G3

    iMeowbot

    #16
    In the same talk, he also made an effort to note that security isn't something that can magically be fixed overnight in hardware -- as in, don't blame us for Windows, intel just make the hardware.
     
  17. macrumors regular

    Neuro

    #17
    Exactly, - if you want to run Windows then you have to deal with the associated problems like any OS, but who cares - most people want to run Windows, so Intel still makes their dosh!

    Sounds to me like a switched on kind of guy. Intel chips are good, most people just don't like the current Windows OS. Way too many people treat them as the same company.

    I have a lot of respect or a CEO who deals in reality rather than marketing...
     
  18. macrumors 603

    solvs

    #18
    Even when I set my work machine's software firewall on high (we have a hardware firewall as well), have several anti-spyware apps running, and virus scanners on both the machine and the server, never download any programs or ss or anything, as well as run FireFox as much as I can... I still somehow get the stuff. Some users machines that I have to trouble shoot are even worse, and we've do all of the above and lock them down tight. It's a lot of effort and yet we still have issues. Kinda funny to know the big wigs have the same problems.

    But still, me thinks his daughter d/l's too much freeware and porn via IE. :p
     
  19. macrumors G5

    nagromme

    #19
    Something I didn't realize until recently:

    x86 chip hardware is part of the Wintel security problem. Not just the many flaws in Windows itself.

    An example is discussed here:
    http://www.cio-today.com/story.xhtml?story_id=12100002EAEW

    "...attacks on Wintel tend to have two parts: A software vulnerability is exploited to give a remote attacker access to the x86 hardware and that access is then used to gain control of the machine...

    "The vulnerability exists in Microsoft's code, but the exploit depends on the rigid stack-order execution and limited page protection inherent in the x86 architecture. If Windows ran on Risc, that vulnerability would still exist, but it would be a non-issue because the exploit opportunity would be more theoretical than practical.

    Linux and open-source applications are thought to have far fewer software vulnerabilities than Microsoft's products, but Linux on Intel is susceptible to the same kind of attacks as those now predominantly affecting Wintel users. For real long-term security improvements, therefore, the right answer is to look at Linux, or any other Unix, on non x86 hardware.

    One such option is provided by Apple's BSD-based products on the PowerPC-derived G4 and G5 CPUs."


    (Emphasis added.)
     
  20. macrumors 68040

    plinden

    #20
    Wow. I diss Windows as much as anyone (I do have to work with it everyday, after all) but I don't really go out much of my way to keep my PC safe (I have a router, and one virus scanner, and use MSIE only for updates). In more than 15 years of using PCs, I've never had anything more serious than a tracking cookie, except for a virus that infected a work PC when a cow-orker (yes, he orked cows) used an infected floppy on it.
     
  21. macrumors G3

    iMeowbot

    #21
    Yikes, that is some dangerous wording. Stack overflows can be harder to exploit under some RISC implementation, but buffer overflows are another story. For example, nemo's overflow exploit, addressed by 10.3 security update 2005-004, reliably opened a root shell. (We're rather lucky that nemo is one of the good guys, that's one devious kitty.)
     
  22. macrumors 68030

    Analog Kid

    #22
    [Deleted-- realized what I thought was new to the discussion was actually mentioned in the article...]
     
  23. macrumors 68030

    Analog Kid

    #23
    So, what's the difference between a stack overflow and a buffer overflow? Seems to me that overflowing a buffer in the heap is just a shot in the dark (and likely to throw a seg fault) while overflowing a buffer on the stack lets you get to the program counter...

    I might be wrong about this, but my understanding was that some of the reason the PPC is harder to root is that you can't execute code from data memory. On x86 memory is memory and you can execute from a data segment but on PPC there are separate code and data segments (all in one big happy DRAM bank mind you...).

    I'm quoting that from vague memory-- can anyone confirm it?
     
  24. macrumors G5

    nagromme

    #24
    Analog Kid - that sounds like what I read somewhere recently about PPC vs. x86--about an overflow on PPC needing a lot more blind luck, and about two separated memory areas--but I'm afraid I don't recall where.
     
  25. macrumors G3

    iMeowbot

    #25
    PPC uses a very different calling convention from X86, so of course the same exploit conventions wouldn't work. And it doesn't really matter, since the two aren't even nominally binary compatible.

    In brief, there isn't a practical way to take over the executing function, but it's not at all hard to overwrite the return address of its caller. So, it's only a small and very predictable amount of data that has to be pushed out into the stack, and then it's back to memry which is very predictable.

    Execution in or out of order isn't too big of a deal here, since that address stil has to be pushed back into lr sooner or later.

    See, that's the thing, control is gained by depositing an address, you can add code rather than alter.

    [edit] Ah, found the link, here. It explains the typical sort of vulnerability, including example vulnerable code, and shows how it is exploited. This is good reading for anyone writing PPC software, to help understand what mistakes really need to be avoided.
     

Share This Page