Randomizing snake-oil

Posted May 12, 2017 8:56 UTC (Fri) by aggelos (subscriber, #41752)
In reply to: Randomizing snake-oil by nhippi
Parent article: Randomizing structure layout

Actually solving problems is not in the interest of most people in the security field. Randomized defenses which "raise the bar", only to be conclusively shown inadequate within a few months are very convenient that way. This is a pattern both in academia and the industry. By pursuing defenses which cannot be complete (if you allow arbitrary programmer expressivity, you're always confronted with the halting problem), you keep the arms race going. This is to the benefit of both defenders and attackers (keeps the funds flowing).

Not being totally cynical about this, as of course "raising the bar" now is a consideration for many production deployments. In my (perhaps poorly informed) opinion though, the allocation of funds is clearly not concerned with eventually having robust solutions, just with piling complexity on top of complexity (academia is pretty good at that) with no end in sight.

And yes, there's no way to have flawless programs. Logic errors aside, even in a memory safe language, the programmers can very well implement their own instruction set and have a memory safety violation in their binary code (which would only be data to the type system). This is not really in the same class of "fundamentally unworkable" as expecting a huge source base to be kept bug free (see the recent kernel quotes of the week). This line of thought is a total derailment IMHO.