.@farazsth98 pointed out that the Firefox team have publicly stated that they think constant blinding used in Chrome is a superficial mitigation and trivial to bypass - which is why they don't implement it. Does anyone have more details? To me, this mitigation seems useful.
Replying to @silviocesare @farazsth98
I dunno, but I never really liked it. I proposed an alternative, "constant pooling" - indirectly load constants from a non-executable table. I had stats that showed performance impact was negligible, more loads but better icache perf. Blinding was trivial to implement though.
0 replies
1 retweet
6 likes
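To make the two approaches in the reply above concrete, here is an added example that is not code from either poster, nor from V8 or SpiderMonkey. It models a toy JIT back end that emits one 32-bit constant three ways: the naive `mov eax, imm32`, the blinded `mov eax, imm32^key ; xor eax, key` sequence (the "mov/xor" form of constant blinding), and the pooled `mov eax, [rip+disp32]` that loads from a separate non-executable table. A small interpreter stands in for the CPU so the three forms can be checked to compute the same value, and a byte search over the emitted code checks whether the attacker-chosen constant (here the constructed value `0x90909090`, four NOPs) ever lands in executable memory. Assumptions made here: x86-64 encodings for the 32-bit `eax` forms; the rip-relative displacement is simplified to a pool slot index rather than the real byte distance; the function names `leaks_into_code` and `computed_value` are invented for this illustration. The example shows the mechanism only; it does not reproduce whatever bypass the Firefox team had in mind.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model of a tiny JIT back end. In a real engine `code` would be mapped RX and
 * `pool` RW or RO, never executable; here both are plain arrays (assumption). */
typedef struct {
    uint8_t  code[64];
    size_t   code_len;
    uint32_t pool[8];
    size_t   pool_len;
} jit_t;

typedef enum { NAIVE, BLINDED, POOLED } strategy_t;

static void emit_byte(jit_t *j, uint8_t b) { j->code[j->code_len++] = b; }

static void emit_u32(jit_t *j, uint32_t v) {       /* little-endian immediate */
    for (int i = 0; i < 4; i++) emit_byte(j, (uint8_t)(v >> (8 * i)));
}

static uint32_t read_u32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Naive:   mov eax, imm32            -> B8 imm32
 * The attacker-chosen value is copied verbatim into executable memory. */
static void emit_naive(jit_t *j, uint32_t v) {
    emit_byte(j, 0xB8); emit_u32(j, v);
}

/* Blinded: mov eax, imm32 ^ key      -> B8 imm32
 *          xor eax, key              -> 35 imm32
 * Only (v ^ key) and key reach code memory; v itself does not, as long as the
 * key is secret and neither 0 nor equal to v. */
static void emit_blinded(jit_t *j, uint32_t v, uint32_t key) {
    emit_byte(j, 0xB8); emit_u32(j, v ^ key);
    emit_byte(j, 0x35); emit_u32(j, key);
}

/* Pooled:  mov eax, [rip + disp32]   -> 8B 05 disp32
 * v is stored in the non-executable pool; code carries only a displacement.
 * Simplification (assumption): disp32 is the pool slot index rather than the
 * byte distance from the next instruction that a real assembler would compute. */
static void emit_pooled(jit_t *j, uint32_t v) {
    j->pool[j->pool_len] = v;
    emit_byte(j, 0x8B); emit_byte(j, 0x05); emit_u32(j, (uint32_t)j->pool_len++);
}

static void build(jit_t *j, strategy_t s, uint32_t v, uint32_t key) {
    memset(j, 0, sizeof *j);
    switch (s) {
        case NAIVE:   emit_naive(j, v);        break;
        case BLINDED: emit_blinded(j, v, key); break;
        case POOLED:  emit_pooled(j, v);       break;
    }
}

/* Interpreter for the three encodings above, standing in for the CPU. */
static uint32_t run(const jit_t *j) {
    uint32_t eax = 0;
    size_t pc = 0;
    while (pc < j->code_len) {
        uint8_t op = j->code[pc];
        if (op == 0xB8)      { eax  = read_u32(j->code + pc + 1); pc += 5; }
        else if (op == 0x35) { eax ^= read_u32(j->code + pc + 1); pc += 5; }
        else if (op == 0x8B && j->code[pc + 1] == 0x05) {
            eax = j->pool[read_u32(j->code + pc + 2)];              pc += 6;
        }
        else { fprintf(stderr, "unknown opcode %02x in model\n", op); abort(); }
    }
    return eax;
}

/* JIT spraying executes attacker-chosen bytes from the middle of an
 * instruction stream, so search every byte offset, not just the immediates. */
bool leaks_into_code(strategy_t s, uint32_t v, uint32_t key) {
    jit_t j; build(&j, s, v, key);
    uint8_t pat[4];
    for (int i = 0; i < 4; i++) pat[i] = (uint8_t)(v >> (8 * i));
    for (size_t off = 0; off + 4 <= j.code_len; off++)
        if (memcmp(j.code + off, pat, 4) == 0) return true;
    return false;
}

/* Value the emitted sequence leaves in eax: identical for all three strategies. */
uint32_t computed_value(strategy_t s, uint32_t v, uint32_t key) {
    jit_t j; build(&j, s, v, key);
    return run(&j);
}

int main(void) {
    const uint32_t spray = 0x90909090u;   /* constructed attacker value: four NOPs */
    const uint32_t key   = 0xA5C3F00Du;   /* constructed per-function blinding key */
    const char *names[] = { "naive", "blinded", "pooled" };
    for (int s = NAIVE; s <= POOLED; s++)
        printf("%-8s eax=%08x attacker bytes in code: %s\n", names[s],
               computed_value((strategy_t)s, spray, key),
               leaks_into_code((strategy_t)s, spray, key) ? "yes" : "no");
    return 0;
}
```

Run as is, the naive form reports the attacker's bytes in code and the other two do not, while all three leave the same value in eax. The model also makes the key requirement visible: `leaks_into_code(BLINDED, v, 0)` returns true, because `v ^ 0` is `v`. The pooled form has no immediate to leak at all, which is the point made in the reply; the cost it trades for that is the extra load, which this toy interpreter does not measure.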