NCC Group told Firefox to turn on ASLR in their Mac builds 2 years ago. No one cares *shrug* https://github.com/iSECPartners/publications/blob/master/reports/Tor%20Browser%20Bundle/Tor%20Browser%20Bundle%20-%20iSEC%20Deliverable%201.3.pdf …https://twitter.com/thegrugq/status/760345035288121349 …
-
-
this is really terrible. How did no brass at Firefox escalate this? There have to be some crazy legacy reasons.
2 replies 0 retweets 0 likes
Replying to @codinghorror @tqbf
IMHO this is pretty common as far as pentest reports go. It's why I prioritize shipping CI tools for our projects.
0 replies
1 retweet
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.