August 9, 2004 12:43 PM PDT

AMD says its chips can boost PC security

Advanced Micro Devices says it has one-upped rival Intel in computer security by moving more quickly to embrace new features provided by an update to Microsoft's Windows PC operating system.

AMD on Monday trumpeted a chip feature called Enhanced Virus Protection, which works with an update of Microsoft's Windows XP operating system to thwart some viruses and worms--malicious software that devours data or clogs up e-mail servers.

arrow Will SP2 protect your system?
play audio
EVP, as AMD calls it, works with Windows XP Service Pack 2, an update for Windows XP that was released to PC makers late last week, and which Microsoft intends to make available as a download this month. Together, the two features are designed to close off a common method of attack called a buffer overflow. A buffer overflow attack essentially overwhelms a computer's defense systems and then inserts a malicious program into memory, allowing the processor to subsequently execute that program.

EVP, which AMD put into place while designing the chips, which it launched in September 2003, has enabled the chipmaker to beat Intel to the punch when it comes to capitalizing on the Windows enhancements. Although AMD's larger rival is expected to add similar features to its chips later this year, those chips will take some time to work their way into the market. EVP can be switched on in existing AMD64 processor systems, which have been shipping for about a year, just as soon as Microsoft's SP2 is installed.

AMD on Monday said chips offering EVP include AMD64 processors, such as the Athlon 64 and Athlon 64 FX for desktops, the mobile AMD Athlon 64 mobile for notebooks, and the mobile version of the low-priced Sempron processor, which is based on Athlon 64.

AMD's Opteron processor for servers also incorporates EVP, but the feature won't switch on in Opteron until the arrival of Microsoft's Windows Server 2003 Service Pack 1 and Windows Server 2003 for 64-bit Extended Systems hit the market.

AMD says the EVP feature will add greater protection to everyday tasks such as receiving e-mail and downloading files from the Internet. Athlon 64 processors have mainly been available in consumer- and small-business-oriented notebooks and in desktops from manufacturers such as Acer, Hewlett-Packard and eMachines in the United States.

Although the EVP maneuver could give AMD a boost in the minds of security-conscious buyers, who are likely to reason that they can receive a PC with beefier defenses for no additional charge, at least one analyst doesn't expect the feature to drive large numbers of additional PC sales among consumers.

"I think you'll be able to measure the differential (between those spurred to buy because of EVP and those that were already planning to buy) in individual unit volumes," said Steve Baker, analyst with NPD Techworld, which covers the retail market in the United States.

Thus, even though EVP could raise AMD's profile, its enhanced security might not spur consumers who weren't already planning to buy a new PC to do so, unless Microsoft and PC makers promote the new features extensively--something they have not done before with software upgrades, such as the first Windows XP service pack, Baker said.

1 comment

Join the conversation!
Add your comment
For REAL security, we need MEMORY MANAGEMENT back!!!
In the late '60's and early 70's, many minicomputers had a "fence register" feature which allowed secure operating systems, in conjunction with this hardware, to do real, 'crash-proof' memory management.

This feature was abandoned...along with many other useful bus-and-register oriented the first microprocessors simply because it was too hard to implement the many interconnects required.

Time has passed, and technology has overcome many of the implementation problems. It's now time for some "back to the future" engineering which restores the useful and secure architectural features we used to have in modern chips.

While we're at it, how about restoring power fail with auto restart? This requires a small amount of on-chip non-volatile memory along with some rudimentary power monitoring circuitry.

We've suffered long enough with the lame excuses (primarily "it's only data processing") for insecure, backward, and flawed architectures. It's now time to restore the security we once had. Security MUST be cannot add it on. A REAL "operating system" MUST have full control over critical resources, including memory and operator's console. A REAL "operating system" never GRACEFULLY DEGRADES when asked to do the impossible.

Let's toss out the 'band aid' mentality...throw the 'it's too complex to be secure' excuserati off of the design teams...and implement REAL security.
We know how...all we have to do is update and re-implement the 30 year old designs...and we all know that it's WORTH THE EFFORT. We can potentially save millions of manhours each year and will be able to use computers in new critical applications where we just can't trust them now.
Posted by landlines (54 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.