Re: On the Effectiveness of Address Space Randomization

[Dave Aitel <dave () immunitysec com>]

pageexec () freemail hu wrote:

> there's a paper presented at the ACM Computer and Communications Security
> conference, some of you might want to check it out. while it contains some
> glaring mistakes, it's generally a good overview of the utility of memory
> randomization techniques.
>
> http://www.stanford.edu/~blp/papers/asrandom.pdf
>  
You don't have to bandy words here. We'd love to hear your (or Brad's) 
comments for those of us to whom "glaring mistake" is not so glaring. :>

As a side note, I apologize to everyone who recieved a worm in their 
email from dailydave. We don't moderate messages to dailydave, except 
from non-subscribers. If someone knows how to set mailman to reject 
messages with .[com|exe|etc], please let me know. Also, this means if 
your message did not appear on dailydave, then you are not subscribed. I 
rarely go through and moderate.

Ooh, another side note, one thing I find funny is when people do Linux 
versus Microsoft comparisons on security and they forget to mention that 
the version of Linux they're running was released a couple weeks ago, 
whereas they're running Microsoft Windows 2000, which was gold 5 years 
ago. Even 2003 has an aged archetecture by Linux standards. Going back 
to do service packs and whatnot for security is tough. It took Sinan 
Eren about 3 weeks to break a lot of the generic protections on SP2, for 
example. He's really smart and all, but grsecurity, in my opinion, is a 
bigger change to Linux in terms of security than SP2 was to XP, and it's 
a bigger change to a more modern system by several years.

-dave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave