BlackHat 2016 talk by @anders_fogh / @lavados - in hindsight you can see where this is goinghttps://www.youtube.com/watch?v=Pwq0vv4X7m4 …
Hardly. Consider key generation for a trivial counterexample. But the space of possible random values has to be huge (not ~10-28 bits like ASLR) and they can't leak.
-
-
Take actual encryption as an exception. But I consider none deterministic memory layouts as a workaround for other issues.
-
Even if they were in a 256-bit memory space you couldn't brute force?
-
I think you could conceivably even implement memory-safety that way - huge sparse address space.
-
If the probability of guessing an address is less than the probability of guessing the ssh private key, is it meaningful to consider it nonzero?
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
