True, and unfortunate. I’m still sad that Spectre is treated as an “all hands on deck” emergency—one that played a not-insignificant role in killing a browser engine, in fact. It’s very hard to exploit and process isolation doesn’t even fully help today.
A sandbox is only as safe as its interfaces to the trusted process. On the Web, the surface area of that interface is so broad and so deep that I have a hard time imagining having confidence in it, any more than I have confidence in Linux kernel syscalls.
-
-
To me the issue isn’t so much that a few parts of the platform are problematic as that the platform as a whole is enormous.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.