aslr

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Opera plugs security holes; adds ALSR, DEP support

Opera plugs security holes; adds ALSR, DEP supportASLR is only available on VistaASLR is only available on Vista

Tags: ALSR, ASLR, data execution prevention, Opera Software ASA, security, security hole

Discussion threads 2009-03-03

Apple bolsters QuickTime defenses... or do they?

A couple of great articles came out recently, one from Ryan Naraine and one from our very own Larry Dignan, about some of the defenses that Apple is trying to build into QuickTime to defend Vista users. As we've talked about here before, with Vista, it's all...

Tags: Apple QuickTime, Blog, Microsoft Windows Vista, Apple Inc., Data Execution Prevention, ASLR, David Maynor, Microsoft Windows Vista (Longhorn), Blogging, Digital Music, Digital Media, Operating Systems, Microsoft Windows, Software, Internet, Personal Technology, Consumer Electronics, Nathan McFeters

Blog posts 2008-04-08

Memory randomization (ALSR) coming to Mac OS X Leopard

Memory randomization ALSR coming to Mac OS X LeopardIntresting...Why is Apple implementing all of these security features? I thought that OS X has hack proof.It would be hard to sandbox SafariWeb browsers have all sorts of third party plugins that would break if sandboxed. IE7 on Vista is virtually...

Tags: Operating systems, Planning, Apple Inc., Apple Mac OS X, ALSR, security, Apple Macintosh, Leopard, Apple Mac OS, Microsoft Windows Vista

Discussion threads 2007-10-17

Memory randomization (ASLR) coming to Mac OS X Leopard

Apple has announced plans to add code-scrambling diversity to Mac OS X Leopard, a move aimed at making the operating system more resilient to virus and worm attacks. The security technology, known as ASLR address space layout randomization, randomly arranges the positions of key data areas to...

Tags: Application, Apple Macintosh, Disk, Apple Inc., Microsoft Corp., ASLR, Leopard, Apple Mac OS X, Security, Apple Mac OS, Operating Systems, Software, Ryan Naraine

Blog posts 2007-10-17

Vista's ASLR not so random, but does it matter?

Vista's ASLR not so random, but does it matter?HeapAlloc vs. malloc?malloc is a function whose implementation is defined by whomever wrote the C Runtime Library. In the case of Visual Studio 2005, this function wraps the Windows HeapAlloc function whenever you are running on Windows 2000 or newer. ...

Tags: Microsoft Windows, Microsoft Windows Vista (Longhorn), Operating systems, Windows HeapAlloc, malloc, ASLR, Microsoft Windows Vista

Discussion threads 2007-02-28

Vista's ASLR not so random, but does it matter?

Symantec is using the spotlight of the Black Hat DC 2007 conference to pick apart the security technologies built into Windows Vista.On the heels of its exposé of weaknesses in the UAC user account control mechanism, Symantec rolled out a Vista security portal with three new research papers discussing legacy...

Tags: Pen testing, Black Hat Federal, Data theft, Black Hat, Viruses and Worms, Spyware and Adware, Exploit code, Spam and Phishing, Responsible disclosure, Rootkits, Vulnerability research, Microsoft, Windows Vista, Hackers

Blog posts 2007-02-28

Additional Resources

Firefox hit by multiple drive-by download flaws

Thank god I am still using 3.0.xxxI still don't understand why the need to make all things software larger and more featured. Also I will never understand why people rush to use the latest larger, bloated package...Bigger is always better......that's why we're fat! =DIE still more secure than FF...

Tags: Web browsers, Operating systems, Microsoft Windows, UNIX, Linux, Microsoft Internet Explorer, Mozilla Firefox, JavaScript, NoScript, Microsoft Corp., Web browser

Discussion threads 2009-10-28

Windows 7 puts Vista into perspective: Only a 'failure' in retrospect

The fault lies with MS and Driver manufacturersWe don't criticize macs because they are a package deal, with a price premium to match so they generally work just fine. We don't call for witch hunts of Linux distro's because we expect to have problems and tweaks with Linux, plus it's...

Tags: Microsoft Windows Vista (Longhorn), Operating systems, UNIX, OPEN SOURCE, COMPANIES, Microsoft Windows, Microsoft Windows 7, Microsoft Windows Vista, Linux, Microsoft Corp., Apple Macintosh, Linux Distro, operating system

Discussion threads 2009-10-19

Why you should care about Apple's Snow Leopard

How about security?Update: I have answered my own questions with the precious few details found here: http://www.apple.com/macosx/technology/Are there any security improvements in Snow Leopard? yes, a fewWill the NX/DEP finally be switched on in Safari and all other internet facing programs?Presumably it will be switched on for 64bit programs. All...

Tags: OSX, Apple Inc., Snow Leopard, security

Discussion threads 2009-08-17

Pre-alpha Google Chrome: Fastest Mac OS X browser by 34%

lack of rudimentary functionality!Is that not like saying the engine in my car can rev faster than a Porsche Cayenne if I don't connect it to any wheels and a trailer?Safari on SL will be faster. :P50% increase in Java speed ftw.It crashes a lot on OS X?Huh, this OS...

Tags: Operating systems, Web browsers, OS X version, siren, Web browser, Apple Mac OS, Apple Macintosh, Apple Mac OS X, Chrome, Apple Safari, Linux-version

Discussion threads 2009-08-14

Microsoft Security Essentials beta to be capped at 75,000, kicks off today

Microsoft Security Essentials beta to be capped at 75,000, kicks off todayLast I heard... *edited*OneCare had less false positives then all the other AV/AS software, and scored pretty high in tests.Assuming it's junk just because it's Microsoft kinda makes you look like a... fool.*Edited after realizing I had typed the...

Tags: Desktops, Branding, Microsoft Corp., Microsoft Security Essentials, Microsoft Security Essentials Beta, Microsoft Security, Microsoft Windows 7, public beta, Microsoft Windows

Discussion threads 2009-06-23

Apple eliminates CanSecWest Pwn2Own flaws

Apple eliminates CanSecWest Pwn2Own flawsFault EliminationI did see the SVG fix in your article on 10.5.7's release and your relaying of Apple's attribution of discovery to "Nils." Regarding the IE8 issue, this is difficult to research because the signal to noise ratio is real low, but it looks as though...

Tags: SECURITY, Patches, OSX, IE8, Apple Inc., vulnerability

Discussion threads 2009-05-14

Macs in the enterprise: The security conundrum

Macs in the enterprise: The security conundrumWhat's the big deal here now?You bring in, Linux to the mix, & resolve the ISSUES.Apr 2009, Conficker infects 700 PCs in U of Utah, Macs not affected. AP:"University health sciences spokesman Chris Nelson said the outbreak of the Conficker worm, which can slow...

Tags: Desktops, Cyberthreats, security, Apples OSX, OSX, Apple Macintosh, Apple Inc., virus, vulnerability

Discussion threads 2009-04-27

Not even Apple can protect the dumbest users from themselves

Not even Apple can protect the dumbest users from themselvesDid this botnet pop into creation when it was discovered?[i]This is the first Mac botnet.[/i]Did this botnet pop into creation when it was discovered? No, of course not, it existed [b]before[/b] it was discovered and it was only discovered because it...

Tags: Desktops, Operating systems, dumbest user, Apple Inc., Mac Botnet, Apple Macintosh, Apple Mac OS X

Discussion threads 2009-04-16

Nils2Own: 'I want to see security flaws fixed'

Nils2Own: 'I want to see security flaws fixed'Small one, big one....It was still cracked. Even easier than Windows. Deal with it.You're not allowed to whine "This one's not really that big of a deal", then point out the same kinds of intrusions into Windows systems as proof that MS products...

Tags: Operating systems, Cyberthreats, Apple OSX user, Apple OSX, security, Apple Inc., Linux, Apple Mac OS X, Microsoft Windows, security flaw

Discussion threads 2009-03-23

Nils2Own: 'I want to see security flaws fixed'

VANCOUVER, BC -- Charlie Miller may have dominated the headlines but the undisputed champion of this year's CanSecWest Pwn2Own contest was a hitherto unknown hacker who asked to be identified simply as "Nils." A day after his perfect sweep of the breaking into...

Tags: Apple Macintosh, Mozilla Firefox, Vulnerability, Bug, Microsoft Internet Explorer, Web Browser, Exploit, Web Browsers, Apple Mac OS X, Apple Mac OS, Desktops, Operating Systems, Security, Internet, Software, Hardware, Ryan Naraine

Blog posts 2009-03-23

Pwn2Own trifecta: Hacker exploits IE8, Firefox, Safari

Pwn2Own trifecta: Hacker exploits IE8, Firefox, SafariUgly, just ugly!These guys walks in and out of our machines as they please. No OS and no browser is secure. A determined attacker *will* succeed.Anyone still doubts that the reason that most exploits hits Windows is market share? I'm mildly shocked that it...

Tags: Web browsers, Hacking, Operating systems, SECURITY, takeaway, Web browser, hacker, Apple Safari, IE8, Chrome, Apple Mac OS X, operating system, Linux, Pwn2Own, Mozilla Firefox

Discussion threads 2009-03-18

News to know: Palm; Google; Apple; Yahoo's Bartz; Hacking Safari

Here are today’s notable headlines. You can get News To Know via email alert and RSS daily.  For continuous updates see BNET’s around-the-Web tech coverage. Larry Dignan: Palm: Demand tanks ahead of Pre launch; Pre needs to save the day Andrew Nusca: Google CEO Schmidt: China 'obvious prize,' Twitter 'poor...

Tags: Google Inc., Larry Dignan, Apple Macintosh, Hacking, Apple Intel Mac Mini, Yahoo! Inc., Palm Inc., Apple Inc., Desktops, Hardware

Blog posts 2009-03-04

Opera plugs security holes; adds ASLR, DEP support

Opera Software has shipped a high-priority security patch for its flagship Web browser to plug at least three vulnerabilities that expose Windows users to code execution and cross-domain scripting attacks. The Opera 9.64 upgrade also adds support for DEP Data Execution Prevention and ASLR (Address Space...

Tags: Data Execution Prevention, Opera Software ASA, Ryan Naraine, Security, Viruses And Worms

Blog posts 2009-03-03

Bypassing Windows Server 2008 Password Protection

Windows Server 2008 is the most recent operating system release for Microsoft Windows Server line. It is based on Windows NT 6.0 SP1 kernel, like Windows Vista; therefore it shares much of the same architecture and technology as Windows Vista including new futures such as security, management and administrative futures....

Tags: Password Protection, Microsoft Windows Server, Microsoft Windows, Microsoft Windows Server 2008, Operating Systems, Servers, Software, Hardware

White papers 2009-01-29