Dailydave mailing list archives
Re: Dep and aslr and /gs and so on
From: Jeremy Brown <0xjbrown41 () gmail com>
Date: Thu, 26 Mar 2009 14:44:21 -0400
Agreed, Dave. But when a company such as Microsoft, in this example, keeps adding protections to Windows instead of implementing possibly a central kernel base to keep things relative and smooth, then clutter and chaos are free to unite (and ignite). From the Linux perspective, all around, things seem to be done more efficiently. Are applications more secure on Linux? Not really. But a result of protections readily available on Linux distributions (honorable mentioned on BSD derivatives and Solaris) has nearly diminished public exploits for applications that result in stack smashing or otherwise memory-related exploitation. 2009/3/26 Dave Aitel <dave.aitel () gmail com>:
So over and over for several years now you can hear people in the offensive information security talk in despair about the new Microsoft protection measures. But here's the thing as I see it - if you tell yourself its impossible, then it definitely will be. As Joe Bennet from "Lipstick Jungle" would say: "Plan for success!". All of the new security technologies coming out total a one or two order of magnitude increase in an attacker's costs. That's not impossible, that's just inflation. So deal. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Dep and aslr and /gs and so on Dave Aitel (Mar 26)
- Re: Dep and aslr and /gs and so on Jeremy Brown (Mar 26)
- Re: Dep and aslr and /gs and so on Curt Wilson (Mar 27)
- Re: Dep and aslr and /gs and so on Ralf-Philipp Weinmann (Mar 26)
- Re: Dep and aslr and /gs and so on Bas Alberts (Mar 27)
- Re: Dep and aslr and /gs and so on Trygve Aasheim (Mar 27)
- Re: Dep and aslr and /gs and so on huku (Mar 27)
- Re: Dep and aslr and /gs and so on Jeremy Brown (Mar 26)