Security by obscurity fails again
-
@xaade said in Security by obscurity fails again:
Isn't the whole point that the CPU is being monitored for memory access, and then the access sequence is "decrypted" to determine where the relevant parts are loaded?
-
@xaade said in Security by obscurity fails again:
Isn't the whole point that the CPU is being monitored for memory access
By what? The attacker really has a very awkward attack surface at best, since they've got very little choice as to what code they can run to start with.
OTOH, I'm of the opinion that allowing the attacker to ever be able to specify code that is run (outside of whatever profiled sandbox you happen to think you might trust) is a pretty bad idea in the first place. The key problems are elsewhere; ASLR makes a class of attack harder to use, but it's still a band-aid on a disembowelling.