Believing in numbers and fair evaluation, I've compared RAP and LLVM-CFI. RAP is faster, LLVM-CFI is more precise. RAP is incredibly hard to use and its future is uncertain while LLVM-CFI is just a command line argument away. Details at nebelwelt.net/blog/20181226-… Comments welcome 🤗
18
28
79
Not that it matters, since your credibility is about non-existent as far as I'm concerned at this point, but you declared LLVM-CFI the winner by comparing the non-LTO public RAP for the kernel against LTO-required LLVM-CFI, despite LLVM-CFI having much higher performance hit
2
3
not mentioning that commercial RAP can use LTO for the same benefits (see quote from our RAP announcement below) which you would know had you bothered to submit your test for compilation, rather than relying on misinformation and biased speculation to suit your goal
2
1
And I'm guessing you never read this comment in the source: github.com/fanfuqiang/rap_so…
2
Why should I read all the source code? I've read through the main files but my leisure time to review other people's software projects for software archaeology is limited
1
1
Depends on your goal I guess, if it's me and my goal is actually to inform people rather than just fumble around and write a blog post to save face and reinforce existing bias, I'd want to make sure I'm putting out accurate information. Clearly we differ in that regard. 🤗
1
Again, I invite you to write up the design choices behind RAP and produce a paper. Please! I'd love to cite your paper! Work with us!
1
1
Here's the thing though: you could have emailed or asked on here any questions about this stuff, even again with this recent blog post before publishing false information. Yet you continue to not do that, which suggests bad faith to me.
2
This is on you, not me. I offered several times to take this to email, yet you continue to harass me over twitter. My real name and email is public. I don't even know who's behind @grsecurity or @paxteam. Your choice.
2
1
Replying to @gannimo @grsecurity
as i asked you here nitter.vloup.ch/paxteam/status/1… already, you had all the time to actually reach out instead of 'offering' it. why haven't you? and did you or did you not evaluate RAP before your rampage of the past 2 weeks? either way, you got caught lying :).
PaX Team @paxteam
12 Dec 2018
Replying to @gannimo @anders_fogh @halvarflake @dakami @0xcharlie
what compatibility issues and why did you never report anything to me? FWIW, the public version works with linux fine, it's production quality.

Dec 27, 2018 · 2:57 PM UTC

2
Replying to @paxteam @grsecurity
As I me mentioned earlier in this thread, we tried to evaluate but failed due to lack of documentation. Also, as I also mentioned earlier, RAP is not novel. It may be a nice implementation but it does not contain technical novelty, so burning cycles to evaluate it is not worth it
1
Replying to @paxteam @grsecurity
After your continuing baseless attacks, I tried to take the high road and evaluate RAP. But you're hard to reason with ¯\_(ツ)_/¯
1