Hi,

I am the CEO of a german company called Sys-Manage offering a 3rd
party BufferOverflow protection software similiar to DEP introduced
with XP/SP2 (btw this means something like idiot in german). So I
know what I am talking about.

Please have a look at: http://pax.grsecurity.net/

I know Microsoft tries to sell you XP/SP2 as some kind of important
security update, but compared to what Pax does on the linux platform,
DEP is just a pebble compared to the linux mountain. Their non
executable code pages are only one of many methods applied by Pax to
prevent the execution of malicious code. Please compare it.

Even our, relatively small company, is faster on the market with such
features. Honestly I distrust such a company, no matter what they are
doing or offering. - Sorry.

Anyone can pay some money to forbes, or other companies to let them
write some trash like this. Why isn't their any comparison of
Linux+Pax and XP+SP2. I know why.

Andreas Denter
Sys-Manage

In answer to the question at the end...because we won the war...twice.
By the way, idiot can also be spelled "german".
"Andreas Denter" > wrote in message
om...
> Hi,
>
> I am the CEO of a german company called Sys-Manage offering a 3rd
> party BufferOverflow protection software similiar to DEP introduced
> with XP/SP2 (btw this means something like idiot in german). So I
> know what I am talking about.
>
> Please have a look at: http://pax.grsecurity.net/
>
> I know Microsoft tries to sell you XP/SP2 as some kind of important
> security update, but compared to what Pax does on the linux platform,
> DEP is just a pebble compared to the linux mountain. Their non
> executable code pages are only one of many methods applied by Pax to
> prevent the execution of malicious code. Please compare it.
>
> Even our, relatively small company, is faster on the market with such
> features. Honestly I distrust such a company, no matter what they are
> doing or offering. - Sorry.
>
> Anyone can pay some money to forbes, or other companies to let them
> write some trash like this. Why isn't their any comparison of
> Linux+Pax and XP+SP2. I know why.
>
> Andreas Denter
> Sys-Manage

Andreas Denter wrote:
> Hi,
>
> I am the CEO of a german company called Sys-Manage offering a 3rd
> party BufferOverflow protection software similiar to DEP introduced
> with XP/SP2 (btw this means something like idiot in german). So I
> know what I am talking about.
>
> Please have a look at: http://pax.grsecurity.net/
>
> I know Microsoft tries to sell you XP/SP2 as some kind of important
> security update, but compared to what Pax does on the linux platform,
> DEP is just a pebble compared to the linux mountain. Their non
> executable code pages are only one of many methods applied by Pax to
> prevent the execution of malicious code. Please compare it.
>
> Even our, relatively small company, is faster on the market with such
> features. Honestly I distrust such a company, no matter what they are
> doing or offering. - Sorry.
>
> Anyone can pay some money to forbes, or other companies to let them
> write some trash like this. Why isn't their any comparison of
> Linux+Pax and XP+SP2. I know why.
>
> Andreas Denter
> Sys-Manage

Andreas

Knowing the importance of buffer overflow prevention and DEP, why would you
ridicule a company for attempting to implement this protection?

This effort may not compare to the PAX implementation on Linux systems or
other efforts like your own with BufferShield, but it is a good start.

The hard fact is that most of the worlds computer users have Windows
installed on their systems and they do not want to be bothered with learning
about things like Buffer Overflows or Data Execution Prevention. They just
want the system to work and do not want to be concerned with the
technicalities.

Viruses have been attacking Windows operating systems, using the buffer
overflow path, for a long time. Something is being done about this
vulnerability. This is a win/win effort.

Windows XP Service Pack 2: Technologies Overview:
http://www.microsoft.com/windowsxp/sp2/technologiesoverview.mspx

Detailed description of the Data Execution Prevention feature in Windows XP
SP2:
http://support.microsoft.com/?id=875352


--

Ronnie Vernon
Microsoft MVP
Windows Shell/User