-
AnyStream is having some DRM issues currently, Netflix is not available in HD for the time being.
Situations like this will always happen with AnyStream: streaming providers are continuously improving their countermeasures while we try to catch up, it's an ongoing cat-and-mouse game. Please be patient and don't flood our support or forum with requests, we are working on it 24/7 to get it resolved. Thank you.
ASLR support
- Thread starter reca
- Start date
- Joined
- Oct 22, 2005
- Messages
- 21,802
- Likes
- 3,787
ASLR means Address Space Layout Randomization.
Source: http://msdn.microsoft.com/en-us/library/bb430720.aspx
I didn't verify if Virtual Clone supports DEP, but DEP and ASLR should be used together.
DEP is also mentioned in the same link.
More:
http://blogs.msdn.com/b/michael_how...ce-layout-randomization-in-windows-vista.aspx
http://msdn.microsoft.com/en-us/library/bb384887.aspx
I'm sure you'll find more info on both ASLR and DEP, by searching MSDN library.
Thanks
- Joined
- Oct 22, 2005
- Messages
- 21,802
- Likes
- 3,787
Thanks, I'll forward this to the people in charge.
Its another useless microsoft 'security' thing, and its easy to get the addresses of dlls etc in a process without apis, theres quite a few rootkits out there that do it.. As for dep, thats a joke too..there are at least two methods to backdoor it (ie: get windows to turn it off for the process..and its easily visible in the code), and one api call to disable it in the current process or in another process.
Note that i am being deliberately vague and not going into details but believe me.. Dep and aslr in windows is about as good as a chocolate fireguard.. Also dep was enabled by default in xp sp2, using hardware nx flag (if supported) or software mode... In essence it doesnt allow code to be executed from stack (unless backdoor or api call is used) or from an area of memory not marked as PAGE_EXECUTE... nothing a VirtualProtect / VirtualProtectEx call cant fix..and not many viruses / rootkits execute code on the stack nowadays anyway....
Note that i am being deliberately vague and not going into details but believe me.. Dep and aslr in windows is about as good as a chocolate fireguard.. Also dep was enabled by default in xp sp2, using hardware nx flag (if supported) or software mode... In essence it doesnt allow code to be executed from stack (unless backdoor or api call is used) or from an area of memory not marked as PAGE_EXECUTE... nothing a VirtualProtect / VirtualProtectEx call cant fix..and not many viruses / rootkits execute code on the stack nowadays anyway....
Last edited:
I suppose you know your stuff...
Vague... Providing no details... I'll trust you...
No one (Microsoft, etc) ever said that DEP and ASLR are the silver-bullet. They aren't. But they do make it harder for processes to be exploited, untill developers of the different applications patch their apps.
Windows 8 will step up in terms of attacks mitigation, including improved ASLR.
Sometime ago a friend told me this: Any security implementation is useless, because, at some point, everything gets breached. Not necessarily related to computers, but everything in life.
The question is: If the means to make such breach harder exist, then why not make the breach harder and mitigate it?
It's like diseases. Are we free from them? No. Can we make it harder for them to breach our defenses and mitigate what they do? Yes, we can.