Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

The value of DEP


hake
 Share

Recommended Posts

The ramblings and ravings of a demented Fortran programmer
(I never did get the hang of OOP)

 

I have a few old computers running Windows XP.  The trouble with old computers is that they lack the hardware feature which allows DEP to work.  I use an alternative to hardware DEP called BufferShield (created by Andreas Denter of sys-manage.com) which provides the equivalent of the Linux PaX solution through software.  Unfortunately BufferShield's drivers can conflict with unidentified drivers (possibly sound card or display screen), especially on laptops so I am without protection against data execution on those computers.  Nice thing the traditional PC.  You can readily swap hardware to get round driver conflicts.

 

This meandering preamble leads to my question which is that without data execution protection how much point is there in having the other protections that MBAE provides?  I note that MBAE provides DEP bypass protection and wonder if this also makes it harder for an exploit to execute data on a machine without hardware DEP.

 

MBAE now prevents finger printing of systems so I guess that one of the characteristics hackers are seeking to identify is lack of DEP, or are non-DEP systems now so rare as to be not worth the bother of finger print checking for the lack of DEP?  Might finger printing look for the existence of BufferShield on a system?  I have a feeling that BufferShield is now in the category of security through obscurity.

 

Best wishes for a Happy New Year to you all and, by the grace of Malwarebytes, may you be untroubled by exploits.

Link to post
Share on other sites

  • 2 weeks later...

Using MBAE on a system with a processor without an Nx bit is like using MBAE on a VM.  Perhaps I should have worded my opening post this way in the first place and so achieved more success in sparking a discussion. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.