Are there commercial chips on the market which protect against malware?

Hi Everyone:

       A friend of mine within the computer industry mentioned that Intel has designed a processor or chip which has built-in instructions to protect the pc against malware.  It does this by placing the malware within a non-executable area of RAM.  I believe most computers available on the market do not have such a processor, thus, malware getting placed into executable areas of RAM and being transferred to folders, files, and the registry.  The company name which is supposed to have such a chip is Intel and I believe the name of the chip is Vive.

       This is an interesting technological shift because malware has and continues to be handled through software intervention (e.g. SpyBot Search & Destroy, HiJack This, AdAware, McAfee Anti-Virus).  Now, as I understand it, we are starting to see hardware protection against malware coming upon the scene.

        With these points in mind, I am interested in reading any thoughts from experts on EE regarding this exciting possibility.  While there may be a chip which does protection, there will probably need to be a special motherboard to support it.

        In any case, I look forward to reading everyone's insights into this matter.

       Thank you


Gary Case (Retired) commented:
Hi George,

I think your friend has confused the Data Execution Prevention features of many Intel chips with the new Intel Viiv specification, which is an Intel initiative to improve the multimedia capabilities of computers.   Viiv systems have to use specified Intel chipsets, CPU's, and certain other technologies.

Data Execution Prevention (DEP) is an existing capability of many CPU's that, if enabled (the Operating System can control it) will prevent the execution of instructions from within the data areas of a process.   As you may know, it is a good programming practice to keep your code separate from your data;  but in the past many programmers would write "self-modifying" code.   So the code and data would be mixed -- which allowed some "tight" code, but made modification and maintenance difficult.   If DEP is enabled, nothing can be executed from within the data area -- which enforces good programming practice; and also eliminates one very common method of getting malware and virus code into a system (by disguising it as data; and later employing one of several tricks to get it to execute).   DEP, along with properly controlled privilege levels (which OS's can employ to not allow untrusted programs to directly access hardware control registers and I/O devices -- otherwise an untrusted program could, for example, turn off DEP and then execute code from a data page), can allow OS's to become much more secure.

Both Intel and AMD support Data Execution Prevention.  On Intel chips, be sure they have the Execute Disable bit (XD) feature;  on AMD chips, you need the no-execute page-protection (NX) feature.   There's a good discussion of this here:

The Viiv initiative is very well described here:

One other thing Intel is doing that WILL provide better malware protection is adding hardware support, known as VT-x,  for virtualization (technologies such as Virtual Server, Virtual PC, and VMWare).   Virtualized systems can be MUCH better protected from malware, as they are totally isolated from the "real" environment of the machine.  I've used Virtual PC for a couple of years to maintain a "browsing machine" that I can use to safely browse the internet without endangering my "real" machine -- it's "on" this same computer, but it's effectively its own machine ==> if it got "hit" with a nasty virus or malware it would have NO impact on this computer;  I could simply delete the file that represents the virtual hard drive; and restore it from an earlier copy -- 2 minutes work !!   The VT-x technologies will allow these virtualized machines to run much faster, as it will allow much of the virtualization to be done in hardware.   This MAY be what your friend was referring to.
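
Added example (not part of the original thread): the DEP rule described above, that data pages must never be executable, can be audited from the page permissions the OS assigns. This C program flags mappings that are both writable and executable, assuming the Linux `/proc/<pid>/maps` text format; the function names and the sample listing are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not taken from a real system). */
static const char SAMPLE[] =
    "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/demo\n" /* code */
    "00651000-00652000 rw-p 00051000 08:02 173521 /usr/bin/demo\n" /* data */
    "00e03000-00e24000 rw-p 00000000 00:00 0 [heap]\n"
    "7f1c2a000000-7f1c2a021000 rwxp 00000000 00:00 0\n"            /* W+X */
    "7ffd5c1e0000-7ffd5c201000 rw-p 00000000 00:00 0 [stack]\n";

/* Returns 1 if the mapping on this line is writable AND executable
 * (a region where NX/XD gives no protection), 0 if not, -1 if unparsable. */
int mapping_is_wx(const char *line)
{
    unsigned long long start, end;
    char perms[5];
    if (!isxdigit((unsigned char)line[0]))
        return -1;
    if (sscanf(line, "%llx-%llx %4s", &start, &end, perms) != 3)
        return -1;
    if (end <= start || strlen(perms) != 4)
        return -1;
    return perms[1] == 'w' && perms[2] == 'x';
}

/* Counts W+X mappings in a newline-separated listing, printing each one. */
int count_wx_text(const char *text)
{
    int n = 0;
    while (*text) {
        const char *nl = strchr(text, '\n');
        int len = nl ? (int)(nl - text) : (int)strlen(text);
        if (mapping_is_wx(text) == 1) {
            printf("W+X mapping: %.*s\n", len, text);
            n++;
        }
        if (!nl)
            break;
        text = nl + 1;
    }
    return n;
}

int main(void)
{
    printf("%d writable+executable mapping(s) in sample\n", count_wx_text(SAMPLE));
    return 0;
}
```

To audit a live Linux process, read `/proc/<pid>/maps` into a buffer and pass it to `count_wx_text`.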

Hi George :
The reborn card says it does : 
dbrunton (Quid, Me Anxius Sum?  Illegitimi non carborundum.) commented:

What this card does is to give you the ability to roll the machine back to a previous date/state.  However doing that wipes everything else out that was created after the date/state.  It is possible to update the machine and then reset the rollback date/state if you want to.

However if you use something like this save the data on an external drive.

Gary Case (Retired) commented:
The Reborn card, HDDGuarder, etc. all provide a means of restoring to a previous state by maintaining an image of that state.   This isn't providing real-time protection against malware;  it's simply providing an easy way to recover to a previous malware-free state.   The same thing you can easily do by maintaining up-to-date images, etc.
Well the idea of hardware getting smarter kind of scares me.  Driving away from the hardware being a "hardware level" object and blurring the lines between software/hardware is never a good thing.  

Take the cable box for example....

The proprietary hardware operating system is a scary glimpse of the future.  All sorts of nasty surprises can lurk in the hardware if we open this "box".  
Things like, needing 15 licenses along with 30 activation numbers just to boot your computer.

DRM on hardware devices... (already seeing this on mp3players)

Serial / mac id registration.

Hardware Copyright protection (anyone who has been unlucky enough to buy a starforce protected game)

My fear is that the computer will become a leased thing in which you're not allowed to tinker, modify or build, install, etc.  Everything will come pre-loaded, all software / applications / games will be streamed off the internet, you will have a global account that you log-in to access whatever programs you have rights to...

I say leave the software on the software level...  

Gary Case (Retired) commented:
... Your fears of the computer becoming a "leased thing" aren't unfounded ==> but that's not limited to hardware.  Micro$oft is working hard on the "software as a service" paradigm, which will essentially turn applications (Word, Excel, etc.) into "leased" applications that you use from within your web browser.   The selling point (and it's not all wrong) is that it will make upgrades, etc. unnecessary -- since everyone will be using the same versions -- and allow the software to be more reliable (since there won't be hundreds of different configurations to contend with).   But don't misread the tea leaves -- the bottom line is it's MUCH more profitable if they can move everyone to that concept.
George, this technology, of "virus detect at the CPU level" is not only slated for all new processors by Intel, but also AMD.  They will be coming out next year, and by the end of next year, you probably will not be able to buy a CPU without this built-in virus detect technology.  It is "come late" features by the main CPU makers after many cries for them to help fight the onslaught of viruses.

Fundamentally, the software on a system cannot protect the computer at the SYSTEM level, it can only fix the software, which is dependent on the OS boot, so if viruses can install before the software runs, there is no way the software can find them, they are already hiding when the software runs !!

"Now, as I understand it, we are starting to see hardware protection against malware coming upon the scene."

This is necessary to thwart the serious viruses that circumvent all software detection, and it has been too long coming.  I doubt it will be designed to invade privacy, the CPU makers have too much to lose by doing this .. but as with all these innovations, only time will tell ...,+Intel+put+antivirus+tech+into+chips/2100-7355_3-5137832.html

That core DUO is the first to come out with it, but AMD is biting their heels --,,30_118_9331_12862%5e13301,00.html?redir=CPGWV01
It's kind of funny, I've been running linux for about 5 years now, never had any malware or viruses...

Why does windows need hardware protection and linux doesn't?  And you can't really say that no one uses linux, considering 75%+ of all web pages / routers / internet backbones are now using some flavor of linux...
Gary Case (Retired) commented:
Read the details carefully -- the protection is being implemented by the OS's by taking advantage of the DEP capabilities of the chips.   There are a few instructions being added to help make implementation of this easier -- but the chips themselves don't really do the protection -- they simply provide the hardware features that let the OS do it more easily and securely.
GMartin (Author) commented:
Hi Everyone:

        Thanks so much for the well-thought out followups to this intriguing question.  I found each comment along with the links provided very helpful for twofold reasons.  First, this information helped me to gain a greater understanding behind current technologies being used to help protect against malware.  From what I gather, this is still primarily handled at the software level and not the hardware level.  And, secondly, thanks Gary for correcting my misconceptions of this entire situation.  At first, I thought Intel had developed a chip that would be a "magic bullet" fix for the plague of malware.  After reviewing everyone, I realize this is wrong and not an accurate depiction.  

         In closing, great job everyone on this post.  I learned much from it.

Gary Case (Retired) commented:
As always, You're most welcome.