Author Topic: Data Execution Prevention notes  (Read 3132 times)

TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • Posts: 4,642
Data Execution Prevention notes
« on: March 20, 2013, 10:44 AM »

Elsewhere I'd remarked that I was getting bad user experiences when DEP was kicking in. But what kept bothering me was "it didn't used to be that hard!" Turns out that some time back I installed EMET, which hooked into the DEP settings (and then greyed them out in the normal system properties area!)

So when a printer driver suite bounced today, I went over to EMET and turned DEP off. It's rarely/never caught any malware - the only programs that bounce are mostly legit, if maybe sloppily written.

So it is a total case of what was supposed to be security was making me miserable.  :(

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
Re: Data Execution Prevention notes
« Reply #1 on: March 20, 2013, 02:44 PM »
Hm, with EMET 3.0 you should be able to set your system DEP to "Always On", but configure individual apps to not have it - not sure if that'd work for a printer driver (would most likely be a DLL loaded into the printing process' address space?) - but should work for other stuff.

Don't think I've ever run into crashing apps because of EMET - I've got DEP always-on, SEHOP app opt-out and ASLR app opt-in. Haven't seen it protect me from malware either, but in case anything should ever slip by my panzered firefox, at least it's an extra layer of mitigation :)
- carpe noctem

TaoPhoenix

Re: Data Execution Prevention notes
« Reply #2 on: March 20, 2013, 03:06 PM »

Well, I have the "Tech preview of version 3.5.0" and I saw that option, but by this point I became so frustrated overall, that I just turned it off. Re: the printer, it's not just a printer driver, but printers come bundled with various apps and I didn't feel like getting too fancy trying to dance around the recommended normal install. (It's a Brother multi-function, and the whole design has this slightly sour mood of being inelegant in both software and hardware. Just an example: Every other printer in the world has the cable outlets on the side/back. This one has the USB jack *under the scanner bed*. Really?!)  So in the multi-chained install CD it crashed the install process.

So for DEP, the casualties are:
My sound card additional-functionality app
The printer install
The help file from my note taker app
A couple of lesser things I don't recall.



f0dder

Re: Data Execution Prevention notes
« Reply #3 on: March 20, 2013, 05:58 PM »
I don't think I've come across (official) printer driver software in a long time that wasn't extremely tacky, garish, and completely useless. I usually try to find a way to extract just the necessary driver files, as I can't stand that "value-added" crap :). Goes for my Pixma ip2600, but at least the printer works decently, and I didn't have to work too hard to get the non-crap files (found a clean Vista driver that works on Win7, rather than the überbloated Win7 driver).

It sucks that there's so much poorly programmed software that b0rks with DEP enabled - it's due to bugs or pesky compression/protection software that's trying to be a bit too sneaky for its own good. With such a relatively short list, I'd personally add DEP exceptions and keep EMET installed, though.
- carpe noctem