AMD/ATI Video Drivers: Unsafe At Any Speed 261
An anonymous reader writes "CERT/CC has called out AMD for having insecure video drivers. AMD/ATI video drivers are incompatible with system-wide ASLR. 'Always On' DEP combined with 'Always On' ASLR are effective exploit mitigations. However, most people don't know about 'Always On' ASLR since Microsoft had to hide it from EMET with an 'EnableUnsafeSettings' registry key — because AMD/ATI video drivers will cause a BSOD on boot if 'Always On' ASLR is enabled."
Re:There is nothing in this story connecting ATI/A (Score:5, Informative)
The CERT article mentions it, and it mentions it in that you cannot use the DEP/ASLR protections (in the kernel) because ATI/AMD make an incompatible driver. And since graphics drivers are kernel things, loading them means the kernel must disable DEP/ASLR, making your machine just that much less secure because of it.
Re:AOD (Score:5, Informative)
aslr = a way to secure your memory so it's harder for malware to run attacks.
EMET = a bunch of tools that windows uses to secure the machine. aslr is one of these tools
bsod = blue screen of death. your computer is frozen
AMD = a company that was formerly known for making computer chips, but is now in the graphics card business
ATI = a graphics card manufacturer that AMD bought.
DEP = another tool in the EMET toolkit.
cert/cc = an organization that is viewed as an authority on computer stuff.
in short, AMD drivers suck so much that microsoft has to override its own computer protections to keep AMD from crashing your machine. so the drivers are not just unstable, they make your machine more vulnerable to malware. cert says, "epic fail".
Re:ASLR (Score:5, Informative)
Re:AMD's proprietary Linux driver is secure... (Score:5, Informative)
But it still showed you the article content! (Score:4, Informative)
... you failed to mention that. Oh, right. Your goal was to be sensational. Carry on.
Re:AOD (Score:4, Informative)
Uhh, no. Windows DLLs have always been relatively addressed, and are capable of being loaded at different locations in the virtual address space (google "rebasing"). However, for performance reasons, most DLLs specify a preferred address the loader will attempt to slot them into. All system DLLs specify this, which results in their routines being loaded at predictable addresses (even across machines).
ASLR means that, on boot, a different location is chosen in the virtual address space to load DLLs into, so that system routines are not always at the same location, making certain types of security exploitation significantly harder.