To be clear: if we wanted to fix Spectre in Firefox, we could use hacks to scramble the branch predictor and BTB before executing JS in a different domain than the last one we executed. This would be more effective than Fission/Site Isolation, AFAICT.
(And to reiterate I think we *should* do Site Isolation…just that we should be clear about what the real-world benefits are going to be.)
-
You’d rather have a memory-unsafe renderer with Site Isolation over a memory-safe one without it? That’s putting a *lot* of faith in your sandbox mechanisms.