I am too lazy to research it and still wondering. Can someone give me a basic explanation of it?

    • dsemy@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      2
      ·
      edit-2
      9 months ago

      Did you read it? The author is clearly biased against OpenBSD.

      As an example, he dedicates quite a lot to talk about “ROP gadgets removal” (which is an ineffective mitigation employed by OpenBSD), however he also states:

      Anyway, removing ROP gadgets the way OpenBSD is doing it doesn’t add a large amount of complexity, doesn’t harm performances nor debuggability, so why not, but it doesn’t make exploitation significantly harder, at all.

      When you consider the fact that some mitigations which were considered overkill were proven significant with time (for example, OpenBSD was completely unaffected by Spectre v1 and similar exploits since they disabled hyperthreading), statements like these make it clear to me that the author is biased.

      Edit: This is not to say the website is deceptive, it’s just that it doesn’t provide a good analysis or comparison of the security of different systems IMO.