The war between black hat hackers and the organizations that make operating systems will be one that rages for a long time to come.
No matter how many steps forward that one side seems to take, the other always finds a way to beat it eventually.
There will always be some new technology that is able to stop an attack.
And, after it is released, a couple of weeks later there will be some new way to either stop or circumvent it.
One of the techniques that is not new but is getting better is DEP.
Data Execution Prevention – DEP
DEP stands for Data Execution Prevention and it has been around since Windows since XP service pack 2.
I will talk a little about how the technique works and how it is being improved with each version.
In earlier versions of Windows and other operating systems you were able to execute code in memory where it was not supposed to be executed.
In earlier times to stop this they made it almost impossible to get to that area of code.
But of course that didn’t work.
Black hat hackers were able to take advantage of whatever new exploit was out at the moment and they were able to get to that area of memory anyway.
So the creators of the operating system took the next step and made it so that code was not able to be activated unless it was in a part of memory that was designated safe to execute.
That was the beginning of DEP.
Address Space Layout Randomization – ASLR
Even though this was a step in the right direction, DEP was not enough so Microsoft also added ASLR to their security measures as well.
The letters ASLR stand for Address Space Layout Randomization.
This feature ensures that your code will not have one steady address where it will execute.
They needed to add ASLR in combination with DEP so that they could avoid any “call to libc” attacks.
“Call to libc” attacks, which involve buffer overflows, can be very dangerous and it was very important that it was stopped.
There are two types of DEP – software and hardware.
The hardware DEP is considered the better of the two and it will allow you to have more protection.
Unfortunately, some computers do not have the ability to run the DEP hardware version so they have to run the software version instead.
It is still very effective but not as effective as the hardware version of the protection.
The fact that Windows 7 uses DEP with the combination of ASLR will make your computer a lot safer in the long run.
Both of these techniques stop a lot of attacks that could happen while you use your computer.
Read more on Windows 7 Security