Well it's already pretty hard to exploit Android, the kernel is the weak point at the moment. I've studied the grsecurity code a lot and if you can exploit that stuff you can get high paying jobs for either red team or…
I'm not sure i follow, you can upstream any security feature to AOSP, CopperheadOS dev has upstreamed lots of stuff to improve security overall which is good. Google can do whatever they want but most of it is happening…
CopperheadOS doesn't use grsecurity anymore afaik. https://twitter.com/CopperheadOS/status/933684025624993792
Who are these top security researchers? ASLR on its own is useless but security is about layers there isn't one mitigation to rule em all. But ASLR combined with other features work very well, the funny part about…
Yet FreeBSD hasn't done a single thing to improve the current state of exploit mitigations. It doesn't matter how many people are writing code, grsecurity is mainly Spender & pipacs aka PaXTeam yet 14 Linux developers…
The funny part is that FreeBSD has had years to even implement anything as simple as ASLR but it didn't and instead starting to reject other peoples code. What HardenedBSD did is basically following the PaX model which…
Well it's already pretty hard to exploit Android, the kernel is the weak point at the moment. I've studied the grsecurity code a lot and if you can exploit that stuff you can get high paying jobs for either red team or…
I'm not sure i follow, you can upstream any security feature to AOSP, CopperheadOS dev has upstreamed lots of stuff to improve security overall which is good. Google can do whatever they want but most of it is happening…
CopperheadOS doesn't use grsecurity anymore afaik. https://twitter.com/CopperheadOS/status/933684025624993792
Who are these top security researchers? ASLR on its own is useless but security is about layers there isn't one mitigation to rule em all. But ASLR combined with other features work very well, the funny part about…
Yet FreeBSD hasn't done a single thing to improve the current state of exploit mitigations. It doesn't matter how many people are writing code, grsecurity is mainly Spender & pipacs aka PaXTeam yet 14 Linux developers…
The funny part is that FreeBSD has had years to even implement anything as simple as ASLR but it didn't and instead starting to reject other peoples code. What HardenedBSD did is basically following the PaX model which…