I don't have the means to watch this talk right now so I apologise if my questions or comments have already been addressed.
While I agree with all of your points, I can't really see many of these suggestions being taken up by Debian. Especially things like compiling packages as PIE or with ASan (lol) or enabling significant grsec and PaX options. These all come with a non-trivial runtime overhead and will introduce usability and stability issues by design (i.e. processes will crash or not start instead of continuing in a potentially dangerous way). The problem is most users and developers (including the likes of Linus) do not care at all about security but will hit the roof in rage if the system is 0.1% slower or this buggy 30-year-old Unix application does not work anymore.

Is it realistic to incorporate real security into such a mainstream distro as Debian or do we need to build/fork a separate distro? What is the actual plan to get these things done?