Comment by zamalek

2 years ago

There have been cases where OpenBSD's hypothetical mitigations have worked out well for the project. I recall a relatively recent DNS cache poisoning attack that OpenBSD was novel in pre-emptively mitigating because something (I think it was the port?) was "needlessly" random.

If a mitigation has negligible performance impact, and doesn't introduce a new attack vector, I can't imagine why it would be seen as a bad thing.

> If a mitigation has negligible performance impact, and doesn't introduce a new attack vector, I can't imagine why it would be seen as a bad thing.

Because it creates confusion about your threat model, which can ultimately weaken your security.