Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 17 Nov 2015 21:17:59 -0500
From: Daniel Micay <danielmicay@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Fwd: x86 ROP mitigation

> It's the first step of a very long road.
> 
> This attitude is quite pervasive across security people, and it's not a
> very good one. Just because the first iteration of a technology isn't
> perfect, or the ideas have room for improvement is no reason to go all
> negative.

It's not that it's not perfect. Rather, it's not useful yet. Perhaps it
will be useful down the road.

> Sometimes great ideas start out like this. If it's a bad idea, it won't
> stick around for long.

Sure, it might turn out well. But it would be one component in a much
larger set of changes and it's not clear what those would need to be.

It's not simply a matter of piling on more and more work until it is
actually useful. The problem and the scope of the solution actually
needs to be defined beforehand.

> There are few instances where doing nothing is better than doing
something.

Nothing is certainly better than something that's not useful... less
complexity means more easily maintained code and avoiding distractions
from meaningful features (which this could be, but there isn't a plan
laid out to make it one right now). There are existing examples of the
security features in GCC causing security issues. It's pretty scary that
-fstack-check could cause subtle memory corruption on ARM until recently
(fix is not in a release yet). That feature at least has a clear purpose
though.


Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.