The ASLR is a clever bad aid (software only) to try hold together the feet of clay of all the flawed system OSes that are now far too costly or impossible to fix.
I believe to make a secure system requires a complex ballet between the protective hardware and the supporting software based on simple and clearly understood principles. Each one alone, hardware or software is not enough.
Security through obscurity is not enough.
You are still doomed, even if you are running everything in an very smart Interpreter running from ROM where each byte and address of user code is being validity checked and even with the 200+ times slow down penalty.
My system design maxim (original or not) is “A little bit of (security) hardware beats an awful lot of software any day”.
Reply To: ASLR (security) spyker49