The AnC attack
Re: The AnC attack
Be careful not to believe too much of the hype surrounding this.
Although ASLR is an important defense-in-depth mechanism to prevent straight-up hacks, having it lose effectiveness doesn't "strip away protection" against vulnerabilities "merely by visiting a website". It only makes it easier for already-known vulnerabilities (which is where browser vendors need to work to mitigate in the first place) to be exploited by knowing the exact address where certain code lives (easier payload targeting). How to access those locations from within a shielded web content context is a whole different story.
(As an aside: no, the proofs of concept don't work in the current version of Pale Moon.)
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite