Date: Tue, 17 Nov 2015 21:17:59 -0500
From: Daniel Micay <danielmicay@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Fwd: x86 ROP mitigation

> It's the first step of a very long road.
> 
> This attitude is quite pervasive across security people, and it's not a
> very good one. Just because the first iteration of a technology isn't
> perfect, or the ideas have room for improvement is no reason to go all
> negative.

It's not that it's not perfect. Rather, it's not useful yet. Perhaps it
will be useful down the road.

> Sometimes great ideas start out like this. If it's a bad idea, it won't
> stick around for long.

Sure, it might turn out well. But it would be one component in a much
larger set of changes and it's not clear what those would need to be.

It's not simply a matter of piling on more and more work until it is
actually useful. The problem and the scope of the solution actually
need to be defined beforehand.

> There are few instances where doing nothing is better than doing
> something.

Nothing is certainly better than something that's not useful... less
complexity means more easily maintained code and avoiding distractions
from meaningful features (which this could be, but there isn't a plan
laid out to make it one right now). There are existing examples of the
security features in GCC causing security issues. It's pretty scary that
-fstack-check could cause subtle memory corruption on ARM until recently
(fix is not in a release yet). That feature at least has a clear purpose
though.

