Just look at the amount of brilliant, hard work in the abstract. That is the reason I don’t trust tactical mitigations. After smashing others, they say they’ll propose some mitigations. I didn’t read them. I didn’t because the next paper will be similarly clever people with a lot of time on their hands smashing their mitigations. It goes on and on. I still skim them in case something breaks my recommendations or others in high-assurance security. Do they have a section on that?
“Stopping PIROP primitives. A practical way to stop PIROP attacks is to remove the necessary primitives. For example, to eliminate relative memory write primitives, we may rely on memory safety solutions – or, alternatively, data-flow integrity solutions. However, these solutions incur nontrivial performance overhead, reducing the performance benefits of ASLR.”
(wipes sweat off forehead) Oh, it doesn’t work on memory safety and data-flow integrity. Those are what I was just recommending on a text editor thread. Glad the fundamental techniques are still standing. The implementations still need more review, though, just in case.