I see lots of concern about what Meltdown and Spectre mean for the web, containers, and VMs, but not much about what it means for hosted ecosystems like Android and iOS. Are people so confident they can trust the App Store, or am I not seeing it b/c of bias in my twitter feed?
Why do you doubt the feasibility? Keep in mind that Chromium IPC very much uses shmem…
-
-
I was doubting the existence of a usable gadget that the attacker could feed arbitrary input to (without getting killed for failing the bounds checks), but on second thought there'd be a lot of attack surface in the main process exposed to a renderer.
-
(Also I was thinking more about renderer-vs-renderer, but the cross-origin bits you'd want to steal are probably also in the main process.)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.