Linked by Dareka on Fri 19th Apr 2013 10:40 UTC
BeOS & Derivatives "Starting with hrev45522, address space layout randomization (ASLR) and data execution prevention (DEP) are available in Haiku. These two features, which have actually become a standard in any modern OS, make it much harder to exploit any vulnerability that may be present in an application running on Haiku, thus generally improving system security."
Thread beginning with comment 559378
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: In the sidebar?
by bassbeast on Sun 21st Apr 2013 00:14 UTC in reply to "In the sidebar?"
bassbeast
Member since:
2007-11-11

Uhhh...how EXACTLY is this interesting? ASLR and DEP are fine and dandy for OSes that are being actively targeted but for haiku this is as useless as tits on a boar hog as we say down here.

So if you are happy they have that checkbox on a bulletpoint? Then I'm happy for you, I really am. But I bet you could scan the web for the next year and not find a virus targeting haiku that ASLR and DEP would protect against, hell you'd be lucky to find a single bug that would run on it at all.

Sometimes security by obscurity actually does work and unless they have made a deal with some OEM to sell haiku boxes I don't really see a point in this other than filling in a checkbox on a list, i really don't.

Reply Parent Score: 2

RE[2]: In the sidebar?
by pgeorgi on Sun 21st Apr 2013 12:04 in reply to "RE: In the sidebar?"
pgeorgi Member since:
2010-02-18

Sometimes security by obscurity actually does work and unless they have made a deal with some OEM to sell haiku boxes I don't really see a point in this other than filling in a checkbox on a list, i really don't.

Right now it might be useless. But having the feature on by default makes sure that applications run in such an environment (and don't make weird assumptions). Which can come in handy should the feature ever become crucial.

Reply Parent Score: 2

RE[2]: In the sidebar?
by Vanders on Sun 21st Apr 2013 13:39 in reply to "RE: In the sidebar?"
Vanders Member since:
2005-07-06

Uhhh...how EXACTLY is this interesting? ASLR and DEP are fine and dandy for OSes that are being actively targeted but for haiku this is as useless as tits on a boar hog as we say down here.

ASLR and DEP can also help developers find bugs: things like dangling pointers to unreferenced memory quickly become apparent, for example.

Reply Parent Score: 4

RE[3]: In the sidebar?
by bassbeast on Sun 21st Apr 2013 21:54 in reply to "RE[2]: In the sidebar?"
bassbeast Member since:
2007-11-11

Well then TFA should say that, as not all of us are programmers and a little info can make all the difference.

Heck i learned more from you and that guy that posted in the thread about how shoddy some of the code is in Haiku (which he says is thanks to the GSoC bringing in junior programmers) than I did in the article itself.

Reply Parent Score: 2

RE[3]: In the sidebar?
by moondevil on Mon 22nd Apr 2013 11:18 in reply to "RE[2]: In the sidebar?"
moondevil Member since:
2005-07-08

ASLR and DEP can also help developers find bugs: things like dangling pointers to unreferenced memory quickly become apparent, for example.


A better solution for this is to have warnings as errors and make static analyzers part of the build process.

Reply Parent Score: 3