There seems to be some misinformation about WebAssembly and Spectre/security on tech blogs.
-
-
SharedArrayBuffer and WebAssembly threads (which are based on SharedArrayBuffer), allow creating a high-precision timer, sure. However, that doesn’t magically defeat Chrome’s Site Isolation or
@v8js’s JIT mitigations (https://github.com/v8/v8/wiki/Untrusted-code-mitigations …), as these articles seem to suggest.Show this thread -
Tech journalists should read the facts on the Chrome team’s stance regarding Spectre mitigations: https://chromium.googlesource.com/chromium/src/+/master/docs/security/side-channel-threat-model.md …
Show this thread
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.