So is Chrome too secure for #Pwn2Own or are the prizes too low?
-
-
IMHO, exploiting for RCE in Edge is also easy enough even when RFG/CET is employed in the future, so compare which one is more easy is meaningless.
-
I'm not saying it can't be done by the best exploit writers, but would you agree that the average exploit writer is going to have a harder time on Edge compared to Chrome?
-
No offence, but there are so many known issues, maybe not only the best writers know them, but also the average writers know some of them too?
-
It's certainly worth noting the list of "out-of-scope" issues for the Mitigation Bypass bounty :-Dpic.twitter.com/1Aqq0ag6Xs
-
does chrome even pay for bypasses in your llvm CPI stuff?
-
Do you pay for anything in CFG based on that list? :-)
-
Yeah that’s what I thought
-
Why deploy a technology which you've clearly stated is broken, might as well spend more of your time on other stuff which matter.
- 7 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
