Open on nso.group qwertyoruiopz
qwertyoruiopz
Netscape Navigator exploitation is probably harder than modern Blink/WebKit. Our crack team of browser researchers found type confusions in the JS engine, but the behaviour makes no sense. And we are learning the ISA looking at MacsBug. #37c3
qwertyoruiopz
they say C++ is all about zero cost abstractions but no one is accounting for the cost of therapy needed after looking at C++ code for long enough
Oliver Hunt
@qwertyoruiop In fairness that's how they treat all of the other costs that come from C and C++: ASLR, Pointer Auth, zoned/typed allocators, etc. C and C++ achieve "zero abstractions" by defining any of the costs incurred by the language design choices as being UB and out of the scope of the language itself. Which is certainly a strategy. Also, I cannot stress enough how amazing it is to me that you were able to get that domain.
@qwertyoruiop things that won’t happen to it:
@qwertyoruiop The sight of a MacsBug screen is traumatizing to those of us who wrote apps for the Mac in the '80s.
@qwertyoruiop time to back port JSC