Newer processors are able to contribute to the security of your system, but what exactly do they do to help? Today’s Super User Q&A post looks at the link between processors and system security.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
Photo courtesy of Zoltan Horlik.
The Question
SuperUser reader Krimson wants to know what the link between processors and security is:
What is the connection between the two? And if the processor is contributing to the security of your system, then what is it doing that helps the user?
As far as I know, processors just execute instructions given to them. So again, what is the link between a processor and security? How can a processor enhance security?
The Answer
SuperUser contributors Journeyman Geek and chritohnide have the answer for us. First up, Journeyman Geek:
Followed by the answer from chritohnide:
You can use this for things like OpenSSL, or encrypting the hard drive, or any library designed to use it, with less of a hit on performance for regular tasks.
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.
One example is the flagging of data areas in memory as No-eXecute in order to prevent over- and under-run vulnerabilities.
An older and more fundamental capability are the protection mechanisms provided by the virtual memory management system. The very nature of the conventional VMM techniques prevent one process from accessing another process’s memory.