Tuesday, May 29, 2007

Vista Tip: D.E.P.

So I am on vacation all of this week and part of last week as well. Do I sit around and not do anything with the computer? Do I ignore the three betas I am still working on at the moment? Do I actually catch up on podcasts? Or better yet do I actually post something relevant on my poor neglected blog? Well one of those questions got answered in the negative. I will leave it to your imagination as to which one.

Looks like I can kind of take a breath and write up some stuff on Vista. I have been running an upgraded copy of Vista since its day of official release. And before that, as you already know, I was using Vista in beta since this time last year. I have kept kind of mum on my thoughts and impressions of the final product because..

A. You have already heard a lot of my thoughts already over the last two years. And more importantly ..
B. Others who do a really good job at explaining the Assistive Tech side of things would smoke me in details and effort if I tried to emulate their awesome work.

This blog after all is kind of an offshoot of my day job. And others out there who train for a living really should be the ones you look to for the best advice on how to learn this new operating system. But what I do well on in my little corner of the net is tweaks and tips. So today I will let you in on one that can really mess up some Assistive Technology programs, and some legacy ones as well, in Vista.

DEP, or Data Execution Prevention, is a neat little technology that helps protect you from Buffer Overruns. These happen a lot with messy code, disc image creation, burning media or even converting media to other file types. But they are also really popular in the Virus and Worm infection communities. To keep things simple let's just say that Buffer Overruns are bad and we will keep it at that.

Newer computers have a hardware solution on them to support DEP. And Vista kinda turns this on in an initial install. You can, or your virus protection software might, turn this on "high" by default. However most of the time I have only seen this in the midway activated state.

The problem is that some Assistive Technologies out there utilize the buffer in odd ways in order to make their products work. What you may find out is that your programs either run slow or not at all if DEP is set to look for the buffer overflow all the time. For security's sake it's better to have this on High but it can drive you crazy with the performance hit. It's hard to say which programs get the brunt of this tech as each system running Vista is like a snowflake. No two systems are the same is what I am implying here. So experiment with this hardware before you come to a conclusion as to whether or not you want this functionality on all the time.

Here's how to get to the DEP controls..

1. Go to Control Panel>System And Maintenance>System
2. Use the links on the left side of this page to get to the "Advanced System Settings" panel. Be aware that you will encounter a UAC prompt.
3. Your focus should default to the button we want. If not what you want to select is the button named "Performance" under the Advanced tab in this box.
4. Now you are sitting inside the Visual Performance tab in this box. Go up to the tabs and move over to the "Data Execution Prevention" tab.
5. You should see radio buttons with choices for setting your DEP level. You may even be set at the default position of "run only with essential programs". You can select the option for DEP to run all the time and select OK until you are back at the System and Maintenance panel.

If your computer supports DEP then you will see these options. If not you may have to go into your BIOS and turn its support on manually, then boot back into Vista and follow the above steps again. Older systems do not support DEP and you don't have to worry about any of this until you buy a newer computer.
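
If you want to record the DEP state from a prompt before and after changing it, the read-only script below reports whether the hardware supports DEP, which policy is active, and which programs have been exempted. It is an added example, not part of the original post: it assumes Windows PowerShell is installed (a separate download on Vista), the function names `Get-DepStatus` and `Get-DepException` are made up for illustration, and the registry location of the exception list comes from general Windows knowledge rather than from this post.

```powershell
# Added example (not from the original post). Read-only: changes nothing.

# DataExecutionPrevention_SupportPolicy values from Win32_OperatingSystem,
# with a description of the Control Panel choice each one corresponds to.
$policyNames = @{
    0 = 'AlwaysOff: DEP disabled for everything'
    1 = 'AlwaysOn: DEP for everything, no exceptions possible'
    2 = 'OptIn: essential Windows programs and services only (default)'
    3 = 'OptOut: all programs except those on the exception list'
}

function Get-DepStatus {
    $os = Get-WmiObject -Class Win32_OperatingSystem
    # The WMI property is a byte; cast so it matches the integer keys above.
    $policy = [int]$os.DataExecutionPrevention_SupportPolicy
    $status = New-Object PSObject
    $status | Add-Member NoteProperty HardwareDepAvailable $os.DataExecutionPrevention_Available
    $status | Add-Member NoteProperty PolicyValue $policy
    $status | Add-Member NoteProperty Policy $policyNames[$policy]
    $status | Add-Member NoteProperty Covers32BitApps $os.DataExecutionPrevention_32BitApplications
    $status | Add-Member NoteProperty CoversDrivers $os.DataExecutionPrevention_Drivers
    $status
}

function Get-DepException {
    # Assumption: programs added to the DEP exception list are stored as
    # value names (full path to the .exe) whose data contains
    # 'DisableNXShowUI' under this key.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers'
    if (-not (Test-Path $key)) { return }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        if ([string]$item.GetValue($name) -match 'DisableNXShowUI') { $name }
    }
}

$dep = Get-DepStatus
$dep | Format-List

if (-not $dep.HardwareDepAvailable) {
    Write-Warning 'Hardware DEP is not available: check the BIOS setting or the CPU.'
}

$exempt = @(Get-DepException)
if ($exempt.Count -gt 0) {
    Write-Output 'Programs exempted from DEP:'
    $exempt | ForEach-Object { "  $_" }
} else {
    Write-Output 'No programs are on the DEP exception list.'
}
```

Run it once before you change the setting and once after the reboot, and keep both outputs next to your notes on how your AT programs behaved.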

The three cornerstones to knowing Vista are experience, behavior and discovery. And that really applies here as you will need to note all three before and after turning on DEP. You may find that this is a cool thing or again you might find that your AT product of choice hates it with a passion. But either way this is a new addition to Vista and you should experiment with this technology to see if it is right for your security needs.

To learn much more about what DEP is and what it can do for you I suggest either downloading the "Security Now" episode 78 podcast or reading the transcript if you just want to skim the information.

Podcast download site for episode 78 featuring Hardware DEP
http://www.grc.com/securitynow.htm

Transcript of podcast link
http://www.grc.com/sn/SN-078.htm

1 comment:

Anonymous said...

How does having DEP on for all programs affect execution speed?
Vista is barely slogging through with or without JAWS and its scripts running.

Alice.A.Smith@ssa.gov