I know I’ve talked about memory before, but I haven’t really talked about the library randomization that was added to 10.5. Library randomization is part of ASLR (address space layout randomization) and a good part of the way to moving into full ASLR inclusion, but they haven’t completed that circuit, which a recent TechTarget article mentions: The weakness Dai Zovi exploits is in heap memory, which is memory that’s not in use. To address memory security issues, the PaX project for Linux developed a set of features to protect address space. Two of these are Address Space Layout Randomization (ASLR) and Non-executable memory (NX). ASLR makes it harder for malware…