You started a nasty flamewar with this and got more uncivil downthread. We ban accounts that behave like that, so please don't. Instead, please present your arguments civilly, regardless of how right you are.
Sorry, wasn't the intent. It did appear we were going to make progress in the discussion at points but now is clearly two people with cemented viewpoints.
The link is not about ASLR, but ROP. ROP != ASLR :)
Anyway, even there, we can read : "ASLR aims to prevent an attacker from using previous knowledge of the address space to gain an advantage and execute malicious code. This has proven extremely effective in “raising the bar” of exploitation and is one of the most significant research challenges"
So, back to square one, why ASLR is obsolete? Its one of the main security features.
Recap: OPNsense uses HardenedBSD as base OS, which have ASLR, along with other BSDs. pfSense uses FreeBSD, which don't have ASLR/ASR.
The first sentence in the article should be a bell-ringer "Too often the defense community makes the mistake of focusing on the what, without truly understanding the why."
These are context sensitive things that aren't learned by reading a comment thread, if you can't read that article and understand that it shows a multitude of exploits that bypass ASLR and that almost every exploit and contest includes or relies on existing ASLR bypass I don't really know what to tell you other than to keep reading and researching. The answers you seek are linked from TFA.