Date: Sun, 24 May 2015 13:43:21 -0700
Subject: Re: ASLR work into -HEAD ?
From: "K. Macy"
To: Bryan Drewery
Cc: freebsd-arch@freebsd.org, Oliver Pinter, Shawn Webb, Pedro Giffuni

On May 22, 2015 4:41 PM, "Bryan Drewery" wrote:
>
> On 5/20/2015 12:24 PM, Pedro Giffuni wrote:
> > My claim is that the majority of "professional" breachers and
> > governments already have ASLR workarounds pre-coded and ready
> > to launch. Finding an exploit is more difficult than beating
> > ASLR so they are not going to hint everyone that they have
> > an exploit until they can take all the linux/windows/MacOSX
> > at the same time.
> >
> > The cost for the NSA and/or anonymous to step on
> > ASLR is zero.
>

Correct. But who are we really protecting against? If it's the NSA only an air gap will really do. In reality it's just a matter of making the cost of circumventing protections exceed the value of the data or items being protected. Locking one's doors and windows doesn't make one's house impenetrable by any stretch, but it does deter opportunistic passersby.

Protecting against state overreach is a political matter and shouldn't factor into whether to invest in deterring lesser malfeasors.

I'm sorry, but Bryan has it right. The political discussion is a side show.

-K

> This sort of argument easily turns into "why bother with security?".
> Please be careful with it. Every layer and mitigation helps. The real
> world is not just NSA or China. It's also full of script kiddies. Should
> we just stop using SSL because NSA might have cracked it? Should we just
> hand over root ssh keys to China because they probably have it all
> hacked anyway? Should we just give up since billions of dollars pour
> into security breaking research? Should I just post my CC here since
> it's surely leaked from the hundreds of places I use it at anyway? No.
>
> I've had very basic security checks, that could be easily circumvented,
> stop actual script kiddies before. Had they persisted longer I would
> have been in major trouble. If I explained what it is you would surely
> laugh it off and tell me to not bother. Well it worked. ASLR has its
> place too.
>
> --
> Regards,
> Bryan Drewery
>