Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
minitech 8 hours ago

ASLR is (still[1]) not security by obscurity.

[1] https://news.ycombinator.com/item?id=43408079

bigstrat2003 4 hours ago | parent [-]

ASLR is, by definition, security by obscurity. The entire purpose of it is to make it so that it's hard to find the memory which is in use.

sixtiethutopia 11 minutes ago | parent [-]

That's not what security through obscurity means. Security through obscurity has a specific meaning, it doesn't just mean to gain security by hiding anything it means to attempt to gain security by hiding how a system works.

ASLR is a well understood system that exploit writers know to expect and thus ASLR is not security through obscurity.