Exploit Mitigation Techniques: an Update After 10 Years (Theo de Raadt)

[David Noel]

http://tech.yandex.ru/events/yagosti/ruBSD/talks/1487/

I found an interesting talk the other day by OpenBSD's Theo de Raadt
discussing the various exploit mitigation techniques used by OpenBSD.
After outlining them he spent a few minutes talking about their
adoption by other operating systems. He was particularly critical of
the FreeBSD project for either not incorporating these techniques or
for incorporating them, but disabling them by default.

I'm not a systems developer so I have little basis for an opinion on
what he said. I was hoping someone here who was more knowledgeable in
that domain could chime in. Are the techniques he describes really the
cutting edge when it comes to operating system security? Again, I'm
not a systems guy, but I could see the value in the techniques he
described. On the other hand I could also see how things like address
space randomization could be dismissed as security through obscurity,
and stand as nothing more than a small roadblock one would have to
work around to compromise a system.

If these techniques are not worth implementing, what are their main
criticisms? If they are as useful as Theo seems to believe, what
efforts are underway to incorporate them into FreeBSD?

-David