Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

eWeek says "Apple's Switch to Intel Could Allow OS X Exploits"

From: pmeunier at cerias.purdue.edu (Pascal Meunier)
Date: Fri, 27 Jan 2006 11:55:49 -0500
On 1/27/06 11:20 AM, "Kenneth R. van Wyk" <Ken at krvw.com> wrote:


Interesting article, I suppose, but I'm not convinced of its conclusion:

http://www.eweek.com/article2/0,1895,1915923,00.asp

The article claims that Apple's use of Intel chips will result in more
software exploits because, "'Attackers have been focused on the [Intel] x86
for over a decade. Macintosh will have a lot more exposure than when it was
on PowerPC,' said Oliver Friedrichs, a senior manager at Symantec Corp.
Security Response."

I was hoping to find some hint of a hardware architectural feature that the
powerpc has that provided an additional means of protection, but the article
mentions none.  Instead, the only reason that it cites for the (presumed)
increase in software exploits is attackers' knowledge and experience base.

After all, didn't attackers also have access to powerpc systems to build
attacks on during the same timeframe that Symantec suggests?  Does the
powerpc architecture provide some inherent protection against (say) stack
smashing than the x86 does?

Am I missing something here?

It resembles a speculative economic argument.  The main point is the
possible re-use of assembly code knowledge and tools.  A barrier to entry
(the cost of learning PowerPC assembly code and developing support tools for
it) has been removed for some individuals, due to the change to Intel.
Presumably, if you lower the cost, more people will do it.  Whether this
will make a significant difference is pure opinion.

Cheers,
Pascal
Previous By Date Next
Previous By Thread Next

Current thread: