„64-bit Debian and 64-bit HardenedBSD had the two best implementations of ASLR, with 64-bit Debian having just slightly more entropy than 64-bit HardenedBSD.“ web.cs.ucdavis.edu/~peisert/resea
This Tweet was deleted by the Tweet author. Learn more
Conversation
Replying to
The original tweet presenting the results in a misleading and dishonest only looks bad for the person doing it, not the project they're trying to attack.
twitter.com/gonzopancho/st
The paper is also only looking at one part of the ASLR implementation rather than the whole picture.
This Tweet is unavailable.
So, aside from being a very incomplete look at ASLR, it also misses that it's only one of a set of mitigations against memory corruption attacks. Resorting to misrepresenting the results of a very obviously lacking paper to attack other projects is quite desperate and pathetic.
2
This Tweet was deleted by the Tweet author. Learn more
Show replies
HardenedBSD doesn't care about 32-bit arch's.
The primary author of the paper had reached out to us during his research. He was very confused about how different ASLR implementations work. His testing methodology and algorithms weren't accurate.
This research paper is flawed.
1
This Tweet was deleted by the Tweet author. Learn more
Show replies