[PATCH] Insert random noops to increase security against ROP attacks (llvm)
Chandler Carruth
chandlerc at google.com
Mon Jan 5 19:54:21 PST 2015
On Mon, Jan 5, 2015 at 7:45 PM, PaX Team <pageexec at gmail.com> wrote:
> On 5 Jan 2015 at 19:19, Chandler Carruth wrote:
>
> > On Mon, Jan 5, 2015 at 7:13 PM, PaX Team <pageexec at gmail.com> wrote:
> >
> > > that's exactly what i'm wondering about: what is that class of attacks?
> > > blind ROP can discover gadgets remotely without knowing the exact code
> > > content.
> > >
> >
> > I'm not a security expert, but I would imagine that blind ROP is somewhat
> > harder / more difficult / more expensive than ROP.
>
> that's why it's worth reading the paper as they provide numbers ;). the
> attacker's
> cost is quite economical, say a few thoudand tries (obviously this
> requires a
> respawning service, e.g., this won't work against a browser, but there're
> other
> ways for that case). now if everyone had brute force prevention like
> grsecurity
> we'd be talking about a different cost model...
Is it not reasonable to provide this kind of tool for the folks who do have
such prevention mechanisms?
We're just tool vendors here. We're not endorsing or enshrining any of
these tools.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20150105/dd93c915/attachment.html>
More information about the llvm-commits
mailing list