Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 14 Jan 2014 12:16:19 +0100
From:      Julien Cigar <jcigar@ulb.ac.be>
To:        David Noel <david.i.noel@gmail.com>
Cc:        FreeBSD Questions Mailing List <freebsd-questions@freebsd.org>
Subject:   Re: Exploit Mitigation Techniques: an Update After 10 Years (Theo de Raadt)
Message-ID:  <20140114111619.GC1672@mordor.lan>
In-Reply-To: <CAHAXwYC8ScSRyGHSG0gzVG=YYfoSrVbJJ6afSZzhZEOa4L5_SQ@mail.gmail.com>
References:  <CAHAXwYC8ScSRyGHSG0gzVG=YYfoSrVbJJ6afSZzhZEOa4L5_SQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
http://www.itwire.com/business-it-news/open-source/62728-mckusick-denies-freebsd-lagging-on-security

On Tue, Jan 14, 2014 at 05:03:28AM -0600, David Noel wrote:
> http://tech.yandex.ru/events/yagosti/ruBSD/talks/1487/
> 
> I found an interesting talk the other day by OpenBSD's Theo de Raadt
> discussing the various exploit mitigation techniques used by OpenBSD.
> After outlining them he spent a few minutes talking about their
> adoption by other operating systems. He was particularly critical of
> the FreeBSD project for either not incorporating these techniques or
> for incorporating them, but disabling them by default.
> 
> I'm not a systems developer so I have little basis for an opinion on
> what he said. I was hoping someone here who was more knowledgeable in
> that domain could chime in. Are the techniques he describes really the
> cutting edge when it comes to operating system security? Again, I'm
> not a systems guy, but I could see the value in the techniques he
> described. On the other hand I could also see how things like address
> space randomization could be dismissed as security through obscurity,
> and stand as nothing more than a small roadblock one would have to
> work around to compromise a system.
> 
> If these techniques are not worth implementing, what are their main
> criticisms? If they are as useful as Theo seems to believe, what
> efforts are underway to incorporate them into FreeBSD?
> 
> -David
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

-- 
No trees were killed in the creation of this message.
However, many electrons were terribly inconvenienced.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140114111619.GC1672>