[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Are there commercial chips on the market which protect against malware?

Posted on 2006-07-09
Medium Priority
Last Modified: 2010-08-05
Hi Everyone:

       A friend of mine within the computer industry mentioned that Intel has designed a processor or chip which has built-in instructions to protect the pc against malware.  It does this by placing the malware within a non-executable area of RAM.  I believe most computers availabe on the market do not have such a processor, thus, malware getting placed into executable areas of RAM and being transferred to folders, files, and the registry.  The company name which is suppose to have such a chip is Intel and I believe the name of the chip is Vive.

       This is an interesting technological shift because malware has and continues to be handled through software intervention (e.g. SpyBot Search & Destroy, HiJack This, AdAware, McAfee Anti-Virus).  Now, as I understand it, we are starting to see hardware protection against malware coming upon the scene.

        With these points in mind, I am interested in reading any thoughts from experts on EE regarding this exciting possiblity.  While there may be a chip which does protection, there will probably need to be a special motherboard to support it.

        In any case, I look forward to reading everyone's insights into this matter.

       Thank you

Question by:GMartin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 70

Accepted Solution

garycase earned 1000 total points
ID: 17070374
Hi George,

I think your friend has confused the Data Execution Prevention features of many Intel chips with the new Intel Viiv specification, which is an Intel initiative to improve the multimedia capabilities of computers.   Viiv systems have to use specified Intel chipsets, CPU's, and certain other technologies.

Data Execution Prevention (DEP) is an existing capability of many CPU's that, if enabled (the Operating System can control it) will prevent the execution of instructions from within the data areas of a process.   As you may know, it is a good programming practice to keep your code separate from your data;  but in the past many programmers would write "self-modifying" code.   So the code and data would be mixed -- which allowed some "tight" code, but made modification and maintenance difficult.   If DEP is enabled, nothing can be executed from within the data area -- which enforces good programming practice; and also eliminates one very common method of getting malware and virus code into a system (by disguising it as data; and later employing one of several tricks to get it to execute).   DEP, along with properly controlled privilege levels (which OS's can employ to not allow untrusted programs to directly access hardware control registers and I/O devices -- otherwise an untrusted program could, for example, turn off DEP and then execute code from a data page), can allow OS's to become much more secure.

Both Intel and AMD support Data Execution Prevention.  On Intel chips, be sure they have the Execute Disable bit (XD) feature;  on AMD chips, you need the no-execute page-protection (NX) feature.   There's a good discussion of this here:  http://support.microsoft.com/kb/875352

The Viiv initiative is very well described here:  http://www.pcpro.co.uk/features/82952/intel-viiv-technology/page1.html

One other thing Intel is doing that WILL provide better malware protection is adding hardware support, known as VT-x,  for virtualization (technologies such as Virtual Server, Virtual PC, and VMWare).   Virtualized systems can be MUCH better protected from malware, as they are totally isolated from the "real" environment of the machine.  I've used Virtual PC for a couple of years to maintain a "browsing machine" that I can use to safely browse the internet without endangering my "real" machine -- it's "on" this same computer, but it's effectively its own machine ==> if it got "hit" with a nasty virus or malware it would have NO impact on this computer;  I could simply delete the file that represents the virtual hard drive; and restore it from an earlier copy -- 2 minutes work !!   The VT-x technolgies will allow these virtualized machines to run much faster, as it will allow much of the virtualization to be done in hardware.   This MAY be what your friend was referring to.
LVL 93

Assisted Solution

nobus earned 200 total points
ID: 17070894
Hi George :
The reborn card says it does :

LVL 49

Assisted Solution

dbrunton earned 200 total points
ID: 17071010


What this card does is to give you the ability to roll the machine back to a previous date/state.  However doing that wipes everything else out that was created after the date/state.  It is possible to update the machine and then reset the rollback date/state if you want to.

However if you use something like this save the data on an external drive.

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

LVL 70

Expert Comment

ID: 17072889
The Reborn card, HDDGuarder, etc. all provide a means of restoring to a previous state by maintaining an image of that state.   This isn't providing real-time protection against malware;  it's simply providing an easy way to recovery to a previous malware-free state.   The same thing you can easily do by maintaining up-to-date images, etc.

Assisted Solution

computerfixins earned 200 total points
ID: 17076161
Well the idea of hardware geting smarter kind of scares me.  Driving away from the hardware being a "hardware level" objects and blurring the lines bewtreen software/hardware is never a good thing.  

Take the cable box for example....

The propritary hardware operating systems is a scary glimpse of the future.  All sorts of nasties surpirses can lurk in the hardware if we open this "box".  
Things like, needing 15 license along with 30 activation numbers just to boot your computer.

DRM on hardware devices... (already seeing this on mp3players)

Serial / mac id registration.

Hardware Copyright protection (anyone who has been un-lucky enoungh to buy a starforce protected game)

My fear is that the computer will become a leased thing in which your not allowed to tinker, modifiy or build, install, etc.  Everything will come pre-loaded, all software / applicaitons ./ games will be streamed off the internet, you will have a global account that you log-in to access whateve programs you have rights too...

I say leave the software on the software level...  

LVL 70

Expert Comment

ID: 17076208
... Your fears of the computer becoming a "leased thing" aren't unfounded ==> but that's not limited to hardware.  Micro$oft is working hard on the "software as a service" paradigm, which will essentially turn applications (Word, Excel, etc.) into "leased" applications that you use from within your web browser.   The selling point (and it's not all wrong) is that it will make upgrades, etc. unnecessary -- since everyone will be using the same versions -- and allow the software to be more reliable (since there won't be hundreds of different configurations to contend with).   But don't misread the tea leaves -- the bottom line is it's MUCH more profitable if they can move everyone to that concept.
LVL 44

Assisted Solution

scrathcyboy earned 400 total points
ID: 17078590
George, this technology, of "virus detect at the CPU level" is not only slated for all new processors by Intel, but also AMD.  They will be coming out next year, and by the end of next year, you probably will not be able to buy a CPU without this built-in virus detect technology.  It is "come late" features by the main CPU makers after many cries for them to help fight the onslaught of viruses.

Fundamentally, the software on a system cannot protect the computer at the SYSTEM level, it can only fix the software, which is dependent on the OS boot, so if viruses can install before the software runs, there is no way the software can find them, they are already hiding when the software runs !!

"Now, as I understand it, we are starting to see hardware protection against malware coming upon the scene."

This is necessary to thwart the serious viruses that circumvent all software detection, and it has been too long coming.  I doubt it will be designed to invade privacy, the CPU makers have too much to lose by doing this .. but as with all these innovations, only time will tell ...


That core DUO is the first to come out with it, but AMD is biting their heels --

Expert Comment

ID: 17078674
its kind of funny, i've been running linux for about 5 years now, never had any malware or virri...

Why does windows need hardware protection and linux doesnt?  And you cant really say that no one uses linux, considering 75%+ of all web pages / routers / internet backbones are now using some flavor of linux...
LVL 70

Assisted Solution

garycase earned 1000 total points
ID: 17078712
Read the details carefully -- the protection is being implemented by the OS's by taking advantage of the DEP capabilities of the chips.   There are a few instructions being added to help make implementation of this easier -- but the chips themselves don't really do the protection -- they simply provide the hardware features that let the OS do it more easily and securely.

Author Comment

ID: 17134288
Hi Everyone:

        Thanks so much for the well-thought out followups to this intriguing question.  I found each comment along with the links provided very helpful for twofold reasons.  First, this information helped me to gain a greater understanding behind current technologies being used to help protect against malware.  From what I gather, this is still primarily handled at the software level and not the hardware level.  And, secondly, thanks Gary for correcting my misconceptions of this entire situation.  At first, I thought Intel had developed a chip that would be a "magic bullet" fix for the plaque of malware.  After reviewing everyone, I realize this is wrong and not an accurate depiction.  

         In closing, great job everyone on this post.  I learned much from it.

LVL 70

Expert Comment

ID: 17134318
As always, You're most welcome.

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A clone is a duplicate copy. Sheep have been cloned and maybe someday even people will be cloned, but disk cloning (performed by the hard drive cloning software) is a vital tool used to manage and protect data. Let’s look at what hard drive cloning …
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question