From owner-freebsd-arch@FreeBSD.ORG Wed May 27 16:04:44 2015 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CC26584E for ; Wed, 27 May 2015 16:04:44 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from nm22-vm1.bullet.mail.bf1.yahoo.com (nm22-vm1.bullet.mail.bf1.yahoo.com [98.139.212.127]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 72779FBE for ; Wed, 27 May 2015 16:04:43 +0000 (UTC) (envelope-from pfg@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1432742676; bh=DnPq+RHu6EALdmRbWsdhI7x5clBI+nXIihljTqjaekY=; h=Date:From:To:CC:Subject:References:In-Reply-To:From:Subject; b=iULZGOo3t5r79uTbKKJS8Q2ekI4VMTAMMokUEu24KL5eCqYIFIZppKjwH71baHcRtIB+Ttt1R8i7HyWYi76Dgs9O8M5Ahz/35fXXIPzMNn+BDtRPyz6MjyGh6u8giPagwiAyBsNkK4JADAxDj9egJglNCh9CtLBiG5Ny8gUGs/AhHrggMLHBAytmwjrpgVw3rQxKvBqU9BO2h15uzs4JeNM4q7CrqdHU0OsNhS+KRZhpR3OSfIxf4D0c6DpnH7youp9Fn4r6TepAFxgayxMj11IpLxvKJq/Zk8YUahOvevPf0yfkTIQiVlTMsT2YAVBW5bTnTe7v6ZS+R6O/oT+xzw== Received: from [66.196.81.174] by nm22.bullet.mail.bf1.yahoo.com with NNFMP; 27 May 2015 16:04:36 -0000 Received: from [98.139.211.205] by tm20.bullet.mail.bf1.yahoo.com with NNFMP; 27 May 2015 16:04:36 -0000 Received: from [127.0.0.1] by smtp214.mail.bf1.yahoo.com with NNFMP; 27 May 2015 16:04:36 -0000 X-Yahoo-Newman-Id: 466329.41568.bm@smtp214.mail.bf1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: Wapii5MVM1k5uh.GqoDy_HILCb_rjcaop7Cf5vv5NpcA_qh JS0b59MCiNXs2zFE7PRqwypqJgBrVop67ef.jhGB0FgYTF95YJ5okvj.Ftl7 Lg_enmD31.4dJDazaqySc9AssmN6yL6T33y_c35buReCw5Cg5UNnw_3TMJWb 4WUVaqo4lHIzsdapvqfCJkfm_JWYIG.O5gWIvu6uAJX2WR6tm_6xP6SoQZOs _I1.3k88JEjfyUaz8BbPesLLWDFnaL1ExniJbSIbhKKdVeTOXiXKYIWSgo6V tMBbTjwaHAekA4sKCQsAVl781Xh47GpUEY0LXPxSMZRgqEjEw6zYJsTt_Gyg jBNEWadUkbdWkit.fi8M5FOEbZ9jfYW6or2pNPpmAXkSmnsVNa2gC4rQEGH5 eicuSdUvXXKOKfFyHsnwkq9IG1FR_Epoy1wSF4je3DwRapYV.kZdiStSML5T 2GTg4P5mdZTsG.GSTdDkEKA_OsJDFXSZ_UsV9NeJudPbfuxpJ8FLfpu6HIfU T8IjnSfuI4xQAsLx4xNBz3yx8WKoV8JGG X-Yahoo-SMTP: xcjD0guswBAZaPPIbxpWwLcp9Unf Message-ID: <5565EB16.20208@FreeBSD.org> Date: Wed, 27 May 2015 11:04:38 -0500 From: Pedro Giffuni User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: Alfred Perlstein CC: freebsd-arch@freebsd.org Subject: Re: ASLR work into -HEAD ? References: <555CADB6.202@FreeBSD.org> <555CC369.1030206@FreeBSD.org> <555FBE83.6080103@FreeBSD.org> <55656245.3000205@freebsd.org> In-Reply-To: <55656245.3000205@freebsd.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 16:04:45 -0000 On 05/27/15 01:20, Alfred Perlstein wrote: > > > On 5/24/15 1:43 PM, K. Macy wrote: >> On May 22, 2015 4:41 PM, "Bryan Drewery" wrote: >>> On 5/20/2015 12:24 PM, Pedro Giffuni wrote: >>>> My claim is that the majority of "professional" breachers and >>>> governments already have ASLR workarounds pre-coded and ready >>>> to launch. Finding an exploit is more difficult than beating >>>> ASLR so they are not going to hint everyone that they have >>>> an exploit until they can take all the linux/windows/MacOSX >>>> at the same time. >>>> >>>> The cost for the NSA and/or anonymous to step on >>>> ASLR is zero. >> Correct. But who are we really protecting against? If it's the NSA only air >> gap will really do. In reality it's just a matter of making the cost of >> circumventing protections exceed the value of the data or items being >> protected. Locking one's doors and windows doesn't make one's house >> impenetrable by any stretch, but it does deter opportunistic passerby. >> >> Protecting against state overreach is a political matter and shouldn't >> factor into whether to invest in deterring lesser malfeasors. >> >> I'm sorry, but Bryan has it right. The political discussion is a side show. >> > > +1, also having a line item is good. Not having ASLR just makes > FreeBSD look derp. > And of course I am in the minority that thinks that just because everybody else (or at least the OSs that matter) has done it doesn't necessarily make it a great idea. This will be my last email on the subject and I'll stop whining ... promise. > DragonFly BSD has an implementation of ASLR based upon OpenBSD's > model, added in 2010.[ > Microsoft's Windows Vista (released January 2007) and later have ASLR > enabled > In 2003, OpenBSD became the first mainstream operating system to > support partial ASLR > In Mac OS X Leopard 10.5 (released October 2007), Apple introduced > randomization for system libraries > > Linux has enabled a weak form of ASLR by default since kernel version > 2.6.12 (released June 2005). > > So basically 1 more week and we can be 10 years behind Linux. :) > Happy birthday ASLR? ;) Somehow it hasn't been terribly useful in 10 years, and we haven't really missed it, unless there's something I am unaware of that the security advisories didn't mention. If it comes to adopt things because we have to follow the herd, that I guess I prefer the Dragonfly BSD approach: - It is a very simple, to-the-point patch. - It is off by default (NetBSD too?) but very easy to setup with through a sysctl. - Given both points above it is very easy to revert once the marketing hype foo dies. Again just my uneducated opinion, and I won't spend time on the "quick" approach either. regards, Pedro.