Sure, but at the same time as @depletionmode mentioned it can catch real-world attacks (which are not done by exploiters who can bypass it) https://twitter.com/depletionmode/status/1156824124288884736 …
Anyway, I don't think we will ever end this discussion here :)
Here is a question for you, I think the market value of a kernel memory corruption is quite high. Conversely, I think the market value of the name of a struct or whatever you can corrupt with an arbitrary r0 rw is zero, how do you explain that disparity?
-
-
Twitter not being the best medium for discussions, I don't want you to get frustrated further, so I'll try again for personal clarity: Mitigations and vulns in boundaries are one thing; detection technologies are something different entirely. I'm not trying to confuse the two.
-
I am also drawing no equivalence between opportunistic detection schemes and concrete security boundaries (although exactly where said boundaries lie - and whether attackers care is also something that can be discussed).
- 15 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
