Security software can reduce effectiveness of DEP/ASLR

My opinion is that if all of us took these reports too seriously, we'd likely just be sitting here with an OS and a browser. That would bore the hell out of me. Theoretical situations make for interesting reading, but I'm more concerned (as a home user) with the likely scenarios.

 

Like I said, if I thought it was a security issue I would do that. In this case having 7zip in my context menu far outweighs the security issues of having it there.

I don't put security in front of ease-of-use or performance.

 

Not even with an OS and browser. lol

By the way, I did come across a thread over Microsoft's forums, before EMET was officially supported, regarding EMET and security software. In this case about MSE.

http://social.technet.microsoft.com/Forums/da/emet/thread/1a949093-59b7-4aa5-9fe0-3b45a6e2f6da

Judging by the answer, the only possible issue would be a compatibility problem, given specific scenarios (regardless of the application). But, the person, who I believe to belong to EMET team never brought up security issues.

-edit-

It's interesting to also read this, which is linked in the thread:

http://answers.microsoft.com/en-us/...8-38d35aa3b26e?tm=1311626229924&page=1#footer

P.S: I'm not saying one should add ... or that one shouldn't. Just found it curious the different approaches. lol

 

OS and a browser? Psh, why not just combine the two? =p

 

Same here. I hate to use the term "average user" again, but for them, any security that gets in their way or makes things more complicated, is security that will quickly get tossed. Context menus might open more doors, but darn if making me run off to manually open up 7zip, MBAM and what have you, just to scan a file, is going to happen.

 

Because Chrome OS is useless to a guy like me...you and your Chrome advertising Opera needs you badly

 

Thats fine. I was just basing my statements off what you initially said. I disagree with ease-of-use. Part of my security setup is not consider easy to use by some standards but I still chose to use it as the benefits outweigh its easy to use factor. Performance I do agree with.

 

Haha, well they'd have to match Google's payroll! >_>

I'd be curious to hear why you think it's useless to you in another topic though. I realize it's not for everyone, don't get me wrong, but I also find that most people don't realize how versatile it can be.

 

I will never put security before ease-of-use. That's part of my "philosophy" on security.

 

Well as I said before I disagree. Thats your philosophy not mines. And I don't use the word "never" either because a time can come where you have make an exception.

 

I know =p and I wouldn't presume to tell you you're wrong. My philosophy is mine and some agree and some don't.

 

Neither would I. But of course thats why its your philosophy .

 

For those using 7-zip, this should be reassuring...

http://sourceforge.net/tracker/?func=detail&atid=364481&aid=3160892&group_id=14481

 

If it's ASLR compatible I don't know why they don't just enable it.

Oh well.

 

I don't use 7-zip so I guess it wouldn't apply to me LOL. Nice info though moon.

 

Not even in its best of times could it match Google's payroll..but not many others want to be one gigantic advertising agency either I don't need to open another topic to tell you why I won't use Chrome OS. I play with my computer too much. I download programs, I watch movies (not just streams), I detest cloud storage, I play a lot of games. Therefore, Chrome OS would be handcuffing me..and I hate handcuffs.

 

Thanks for this info, m00nbl00d. I've only got two culprits: nVidia (nvshext.dll) and Snagit (SnagitShellExtRes.dll)

 

I seem to only have one culprit (AIMP) AIMP3_menu.dll

Edit: Make that two culprits. I seemed to have missed one, PuranDefrag.dll lol

 

A lot of programs that do it don't have an option to disable it, and uninstalling them all is a bit extreme. When I have time tomorrow I'll notify the vendors I tested and we'll see whether they want to fix it or not. Then it's time to uninstall

 

By the way, does anyone know if the 7-zip developer happens to have an e-mail contact? I really don't feel like registering at Source Forge. I'm already registered in a few places and if I keep registering I'll loose my head.

I'm surprised the guy doesn't even have an e-mail contact? Would it hurt to have one, where people could contact him, besides having to register to some service?

The more people "forcing" a developer to support something, related to security, maybe they'll do something about it.

There's been a long time since this issue was brought to his attention...

Is anyone familiar with 7-zip-like application that support ASLR? I'm going to download a few and see how their fair, and look if they got ASLR support. But, if you already use one... say something.

 

Well I use WinRAR and it supports ASLR and its enabled. But of course its shareware and bought a license for it long ago

 

Oh... I remember that fellow... I used to use with Windows 98. There's been quite some time... I'll take a look at it again.

I just wish that PeaZip would actually be an alternative. It uses 7-zip core, though. That means no ASLR support either. I like its GUI, though. Too bad.

-edit-

By the way, for anyone interested, Elaborate Bytes Virtual CloneDrive also doesn't support ASLR. It loads a dll to Explorer. I'll try and see if I can send them an e-mail, rather than having to register in their forum. Would it really hurt to make use of these security technologies?

 

I'm using CloneDrive and never even thought to wonder about that. Thanks for the info. I wonder if IZArc supports it? That's about the only other free archive program I know of. Btw, does Firefox support ASLR now? I know v3 didn't, I wasn't sure if they changed it.

Edit: My question arises from seeing this article: http://www.pcmag.com/article2/0,2817,2366015,00.asp Granted that's from last year, but it was an eye opener to me.

 

Hahaha moon so its a long time coming then DVDFab Virtual Drive doesn't support ASLR as well.

 

I started a thread over Spybot's forum 3 days ago regarding ASLR support. Their latest stable version lacks it, and it loads a dll into Explorer/IE as well.

No freaking reply. Maybe Spybot 2.0 will support it, when it comes out... but it's going to take quite a while (if it's like the beta, it will take more than a year ) before it's released. I really think they should look into it. It's something they should have done long ago. Total lack of concern, IMO.