[tor-bugs] #4152 [Core Tor/Tor]: Implement Bottom Up Randomization (Windows platform)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu May 25 17:23:14 UTC 2017
#4152: Implement Bottom Up Randomization (Windows platform)
-------------------------------------------------+-------------------------
Reporter: bastik | Owner: tom
Type: enhancement | Status:
| assigned
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-relay windows hardening aslr | Actual Points:
security |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by tom):
Replying to [comment:9 cypherpunks]:
> The correct implementation has already been written in
https://blog.didierstevens.com/2012/03/29/update-se_aslr-version-0-0-0-2/
> (Usually TBB Team makes hardening on Windows, but if you make it for Tor
and TBB, it would be great. :)
My reading of https://blogs.technet.microsoft.com/srd/2013/12/11/software-
defense-mitigating-common-exploitation-techniques/ is that this technique
is used by default in Windows 8+ if you turn on ASLR. So adding the code
manually would improve the situation on Windows 7; but would probably just
eat memory (although this may not be a real problem) on anything above
that.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4152#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list