
The comparison is cherry-picked cargo cult. ASLR and a lot of these mitigations were obsolete when HBSD implemented them https://www.endgame.com/blog/technical-blog/rop-dying-and-yo.... Their ASLR try was rejected by FreeBSD.org. Some of the bullets are completely asinine, like xxx hardening; what does that even mean? The lead developer recently gave a conference talk where, as far as I can tell, he showed that you can root a box as... root https://www.youtube.com/watch?v=bT_k06Xg-BE.

Can anyone point to a paper showing where HBSD successfully prevented an attack over FreeBSD?

So they generate a lot of noise. Instead of learning from the larger communities that are filled with extremely talented security people like Colin "cperciva" Percival, Robert Watson, Theo de Raadt, Maxime Villard, etc., Shawn seems hellbent on being an exemplar of the Dunning-Kruger effect. Unfortunately he is towing others along for the ride.



ASLR is obsolete? Why?


Sorry, you didn't bother reading the link so you may consult Google if you are interested.


You started a nasty flamewar with this and got more uncivil downthread. We ban accounts that behave like that, so please don't. Instead, please present your arguments civilly, regardless of how right you are.

https://news.ycombinator.com/newsguidelines.html


Sorry, wasn't the intent. It did appear we were going to make progress in the discussion at points, but now it is clearly two people with cemented viewpoints.


The link is not about ASLR, but ROP. ROP != ASLR :)

Anyway, even there, we can read: "ASLR aims to prevent an attacker from using previous knowledge of the address space to gain an advantage and execute malicious code. This has proven extremely effective in “raising the bar” of exploitation and is one of the most significant research challenges"

So, back to square one, why is ASLR obsolete? It's one of the main security features.

Recap: OPNsense uses HardenedBSD as base OS, which has ASLR, along with other BSDs. pfSense uses FreeBSD, which doesn't have ASLR/ASR.


The first sentence in the article should be a bell-ringer: "Too often the defense community makes the mistake of focusing on the what, without truly understanding the why."

These are context-sensitive things that aren't learned by reading a comment thread. If you can't read that article and understand that it shows a multitude of exploits that bypass ASLR and that almost every exploit and contest includes or relies on an existing ASLR bypass, I don't really know what to tell you other than to keep reading and researching. The answers you seek are linked from TFA.


>The answers you seek

I expect you to back up your statement that ASLR is obsolete. So far all we have is a URL and advice to research ourselves.

What stops you from giving a direct answer? Hint: "ASLR is useless, because I can, for example, do this: ..."


[flagged]


So he can read all memory before exploiting, aha. I give up. You mentioned a language problem? Sure, I can rephrase all I said in simpler terms :)


Please don't react to flamebait by joining a flamewar. We're trying to avoid that here.

https://news.ycombinator.com/newsguidelines.html


No, that's not at all what TFA says lol. You'll fit right in with HBSD and OPN crew :)



