From owner-freebsd-current@freebsd.org Sun Feb 28 04:34:24 2021 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C11715600AC for ; Sun, 28 Feb 2021 04:34:24 +0000 (UTC) (envelope-from ihor@antonovs.family) Received: from mail.antonovs.family (mail.antonovs.family [100.25.240.195]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.antonovs.family", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dp9XH59Dlz4r1y; Sun, 28 Feb 2021 04:34:23 +0000 (UTC) (envelope-from ihor@antonovs.family) Received: by mail.antonovs.family (OpenSMTPD) with ESMTPSA id 472d8839 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Sun, 28 Feb 2021 04:34:14 +0000 (UTC) Date: Sat, 27 Feb 2021 20:34:11 -0800 From: Ihor Antonov To: freebsd-current@freebsd.org Cc: Gordon Bergling , Ed Maste , FreeBSD Current Subject: Re: HEADS-UP: PIE enabled by default on main Message-ID: <20210228043411.mj7l5wkwj46neurv@localhost> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4Dp9XH59Dlz4r1y X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=antonovs.family; spf=pass (mx1.freebsd.org: domain of ihor@antonovs.family designates 100.25.240.195 as permitted sender) smtp.mailfrom=ihor@antonovs.family X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; MID_RHS_NOT_FQDN(0.50)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[100.25.240.195:from]; SPAMHAUS_ZRD(0.00)[100.25.240.195:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[antonovs.family,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:14618, ipnet:100.24.0.0/13, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-current]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Feb 2021 04:34:24 -0000 > > But isn't it well-known that ASLR/ASR/any-related-buzzwork does not add > any security, except imaginary? The only purpose of it is to have a > check-list item ticked green. I don't know if I should parse this as sarcasm (or any other form of "humor") or is a serious statement? But this does leave me with a whole bunch of questions.. If this is really how Konstantin is describing it then is it OK to say about this to the whole Internet? Why FreeBSD Foundation is paying for meaningless work then? Why members of the Core team do this work? Does this mean that FreeBSD is working to satisfy the silly needs of some fat customer? What about project independence and not being controlled by big money? Where can I read about ASLR and security myths? Why not spend time and explain why this does not work? > You clearly should mean something useful and much more important than that, > when stating that FreeBSD made a huge step forward. So I want to be aware > of the advance. Why attack a person who was really happy for the project? This DOES sound a agressive, even for a sarcastic joke.. I am saying this someone who shares the same native language with Mr. Belousov, it is not a "language/culture" difference thing. ----- just your regular user who reads mailing list ocassionally