lattera to Present HardenedBSD Talk at THOTCON
lattera will be giving a talk about HardenedBSD titled "Pissing off the bad guys by porting grsecurity to HardenedBSD" at THOTCON in Chicago at 12:00PM CST on Thursday, May 4th 2017 in Track X. Please contact him if you plan on attending and he might be willing to meet up. The details of the talk are as follows:
Work on HardenedBSD began around three years ago, with HardenedBSD becoming official two years ago. We've implemented the strongest form of Address Space Layout Randomization (ASLR) in all the BSDs. We've ported over a number of grsecurity features. FreeBSD, upon which HardenedBSD is based, serves at least 36% of all peak North American Internet traffic, thanks to Netflix. Juniper, Cisco, NetApp, iXsystems, and others all use FreeBSD under-the hood. Yet FreeBSD lacks any low-level exploit mitigation technologies. Exploiting vulnerable applications has never been easier. The NSA must love FreeBSD-based systems. HardenedBSD aims to implement low-level exploit mitigations and security hardening technologies, starting with porting the grsecurity patchset. We've come a long way, and we have even longer to go.This presentation discusses in detail the advancements we've made, including comparisons to Linux and OpenBSD. Attendees will understand why exploit mitigation is an absolute must and will learn the technical details of each feature.