earlier replies
Replying to @MattDenton @gannimo
You talk about how it was difficult to evaluate his work, but isn’t it your job to evaluate all the important, practical implementations available? How did you feel happy publishing an incomplete paper? Was it because LLVM was clearly better? How did you know?
2
From the information that was available, RAP is a subset of existing implementations. We tried reproducing but there are limits. There's no reason to reimplement an incomplete solution that implements a subset of the status quo.
1
The issue here is that RAP cannot be reasonably evaluated. It takes me 2min to test out LLVM-CFI: clang.llvm.org/docs/SafeStac… there's documentation and it's well tested. I was so far unsuccessful at running RAP. While I'd love to evaluate it, I have limited resources :)
1
But you still haven’t answered whether you tried to email him? All of these problems would have been solved if he had helped, and if he didn’t, then that’s clearly his fault and you did everything you could.
1
I did not email him last week. IIRC we reached out ~2 years ago. He started this discussion on twitter so I continued it and asked for help. Instead of helping, he continued to insult, so ¯\_(ツ)_/¯
1
Okay. @paxteam seems to believe differently, IIUC, and thinks that you never emailed. If you did, then I have to agree that you have limited resources, and it’s at least acceptable that you did what you did, given limited resources.
1
IIRC I started an email thread when he yelled at me over twitter the last time where I asked if we could meet in person to discuss (a couple of years ago?) ¯\_(ツ)_/¯ I did a quick search but don't keep very old email, so I may be wrong.
2
Also, I don't think our viewpoints are unmergable. These twitter discussions just end up being toxic.
2
what i find toxic is your personal attacks, lack of apologies when you're proven wrong and lack of responses to the apparently 'tough' questions i asked you (noexec.txt/FPValidator/your earlier RAP evaluation, etc in case you 'forgot').
2
My main point is that RAP cannot be reproduced or used in practice. So instead of arguing over Twitter for several days invest that time into a writeup and clean release and we'd all be happy? 👍
1
Replying to @gannimo @MattDenton
why do you keep spreading this disinformation? you patch in PaX, enable RAP in menuconfig and off you go. thousands of people managed to use it since 2016, one would hope with a PhD you can too. if you want something outside the kernel then you'll have to work with me.

Dec 21, 2018 · 12:21 PM UTC

1
Replying to @paxteam @MattDenton
Ok, please send me the user space plugin and a howto. My email is in my profile or on my website.
1
i don't distribute that (it's a commercial product for a reason), what i can do is run your tests and give you the information you need from the results.
1
more replies