Jump to content



Photo

Hosting, 32 or 64?


  • Please log in to reply
19 replies to this topic

#16 +Karl L.

Karl L.

    xorangekiller

  • Tech Issues Solved: 15
  • Joined: 24-January 09
  • Location: Virginia, USA
  • OS: Debian Testing

Posted 27 September 2013 - 04:36

Okay, J_R_G, I now see your point. You are right, 64-bit operating systems can theoretically make better use of ASLR due to the larger address space. However until we start using significantly more than 4GB of RAM, which I suppose some big iron enterprise machines do, the benefit is negligible at best. Also, 32-bit systems with PAE can still make use of > 4GB address space for ASLR.




#17 J_R_G

J_R_G

    Neowinian

  • Joined: 19-June 04

Posted 27 September 2013 - 04:50

Thanks for ceding that much. However I would say wrong on both points that followed. It relies on you running out of physical memory, before you reach the virtual address space limit. So 1GB, even 256MB would be just as good as 192GBs, so long as you are far south of the x64 virtual address limit (16 EB) which everyone will be for probably 30 years. Also PAE can use > 4GBs of RAM, but you get only 4GBs per process, so filling that process' 4GBs up with exploit code would result in a infection regardless of how much was installed and usable in the system for other processes. I take it you're an user of a PAE OS..? :)



#18 Kelxin

Kelxin

    Neowinian

  • Joined: 08-April 04

Posted 27 September 2013 - 04:50

However until we start using significantly more than 4GB of RAM

 

 

Hrm, my main workstation has 16GB of ram, and my server has 32GB of ram, which I max out on a regular basis....  Most of my clients have 16GB in their servers, with one having 128GB of memory, and considering there are mainstream boards that support 128 GB of quad channel DDR3, I think we're at the standardization point now that most off the shelf OEM systems come with 8GB or more.   So I would say we've passed the point of "starting to use significantly more than 4GB of ram".



#19 +Karl L.

Karl L.

    xorangekiller

  • Tech Issues Solved: 15
  • Joined: 24-January 09
  • Location: Virginia, USA
  • OS: Debian Testing

Posted 27 September 2013 - 06:21

I take it you're an user of a PAE OS..? :)

 

Actually, no. I have two personal machines. The primary one is AMD64 (Core i5) and the other is ARMv7 (Exynos 5). As for your point about how PAE relates to ASLR, it depends somewhat on the implementation. I admit that while I am somewhat familiar with the implementation in Linux; I only know about the implementation in Windows on a superficial level.



#20 J_R_G

J_R_G

    Neowinian

  • Joined: 19-June 04

Posted 27 September 2013 - 08:33

http://www.linuxques...t-707762-print/

 

If you have a PAE enabled kernel it (the kernel) can access (I believe) 36 bits of address space (64GB). However, since it's a 32 bit system, any one process can only access 32 bit space (4GB).

 

Because the process is restricted to 4GBs, the malware only has to worry about finding/overwriting addresses in that 4GBs, which is not a problem in most cases.

Even if you're referring to the kernel, 64GBs is not much breathing room, that's just $500 worth of RAM.





Click here to login or here to register to remove this ad, it's free!