Shared Object Load Order Randomization

As we mentioned in our blog article about the Offset2lib attack, we wanted to make our ASLR a little more secure against these types of attacks. One of the ways we can strengthen our ASLR implementation is by randomization the order in which shared objects get loaded when a program starts up. This removes one more piece of determinism and can further frustrate an attacker. We've now implemented it.


EuroBSDCon and ARM

EuroBSDCon was a resounding success! Many great presentations were delivered that discussed security and gave the HardenedBSD developers ideas for features to implement. I met a few awesome people for the first time, including Ed Maste and Ilya Bakulin. Ilya Bakulin is a developer who took great interest in our ASLR work. He knows ARM pretty well and took a look at the bug that we were experiencing on ARM in regards to ASLR. Within a few hours, he had a working, stable, production-ready patch for us to merge into the HardenedBSD tree that fully fixes ARM.


Subscribe to RSS - ASLR