Mastodon Feed: Post

Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):

kurtseifried@infosec.exchange ("kurtseifried (he/him)") wrote:

Disclaimer: I do not interact with OpenBSD anymore due to abuse, however I will say on a technical level they have tried to squash entire classes of vulns, relatively effectively for the last 2 decades:

  1. W^X (Write XOR Execute):
    URL: https://en.wikipedia.org/wiki/W%5EX
  2. ProPolice Stack Protector:
    URL: https://en.wikipedia.org/wiki/OpenBSD_security_features
  3. Address Space Layout Randomization (ASLR):
    URL: https://en.wikipedia.org/wiki/Address_space_layout_randomization
  4. RETGUARD:
    URL: https://www.gobsd.org/viewtopic.php?t=3862

They invented some stuff or were an early implementor.

Good news: we're (CSA) working on something in this area and will hopefully have some interesting things to show off in a few weeks.