This reasoning is actually why I ran Windows XP 64-bit edition for a very, very long time. Most exploits found that it was XP and tried to do stuff and failed on the 64-bit kernel they did not expect.
I'm not going to say that's a good idea, but I've long had an idea along similar lines that a source-only distribution that generates a bespoke calling convention, stack frame layout, syscall number mapping, etc. for each individual machine at install time would do a lot to mitigate RCE threats.
I wonder if it's ancient enough that the exploits floating online are too modern for it...
Hah, I guess the Internet really is like a sewer, you have to have good protective equipment to wade in it...