No offence, but there are so many known issues, maybe not only the best writers know them, but also the average writers know some of them too?
-
-
Replying to @_f0rgetting_ @berendjanwever and
It's certainly worth noting the list of "out-of-scope" issues for the Mitigation Bypass bounty :-Dpic.twitter.com/1Aqq0ag6Xs
2 replies 0 retweets 14 likes -
Replying to @tiraniddo @_f0rgetting_ and
does chrome even pay for bypasses in your llvm CPI stuff?
2 replies 0 retweets 3 likes -
Replying to @dwizzzleMSFT @_f0rgetting_ and
Do you pay for anything in CFG based on that list? :-)
1 reply 0 retweets 4 likes -
-
Replying to @dwizzzleMSFT @_f0rgetting_ and
Why deploy a technology which you've clearly stated is broken, might as well spend more of your time on other stuff which matter.
1 reply 0 retweets 5 likes -
Replying to @tiraniddo @dwizzzleMSFT and
Have you even tried asking hackers nicely not to use non-cfg images James? I thought you cared about users???
1 reply 1 retweet 4 likes -
Replying to @taviso @dwizzzleMSFT and
We do, we ship the entirety of Chrome with non-cfg images, and the users love us for it.
1 reply 1 retweet 7 likes -
-
Replying to @dwizzzleMSFT @tiraniddo and
so you're saying what chrome needs are WX pages?
1 reply 0 retweets 2 likes
It appears we are debating which is better when nothing is stopping us from doing both. Unless you are certain that one or the other is never going to add value, why argue? IMHO both add value because they make exploitation harder and thus reduce the number of real life attacks.
-
-
Replying to @berendjanwever @dwizzzleMSFT and
"both" as in "CFG and WX pages"?
2 replies 0 retweets 0 likes -
Replying to @tehjh @berendjanwever and
"W" pages will solve your JIT problems once and for all.
0 replies 0 retweets 0 likes
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.