In general, it goes back to the choice of making things secure by making them simple and obviously correct, or making things appear secure by making stuff crazy complicated so nobody except silent attackers bother specializing enough in it enough to find the flaws.
Sorry, I was just responding to what you said, "if you believe that we can simply prevent attackers from ever getting RW in kernel than you don't think this is worth the trade off". I guess I don't know what you mean then, can you explain?
-
-
Guys, grab a beer in Vegas and shoot the breeze

-
Were more food court people
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

