Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It changes a broad class of attack exploits to require return-oriented programming techniques to exploit. Are you seriously claiming that ROP isn't "that much harder" than injecting arbitrary code?


libc by itself provides a Turing-complete set of ROP gadgets: <http://www.cs.ncsu.edu/faculty/jiang/pubs/RAID11.pdf>.


First of all: thanks! I'm excited to read this!

Second of all: ugh! Dear HackerNews team, please fix your URL matching algorithm so it doesn't include <> in URLs; they're actually explicitly recommended by the URI RFC as delimiters.

Sincerely,

halosghost


Here's the original paper of this attack (AFAIK): http://cseweb.ucsd.edu/~hovav/dist/geometry.pdf

The other paper shows that this technique is Turing complete.

But yes, basically W^X is defeated.


>Are you seriously claiming that ROP isn't "that much harder" than injecting arbitrary code?

Yes I am.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: