Netscape Navigator exploitation is probably harder than modern Blink/WebKit. Our crack team of browser researchers found type confusions in the JS engine, but the behaviour makes no sense. And we are learning the ISA looking at MacsBug. #37c3
they say C++ is all about zero cost abstractions but no one is accounting for the cost of therapy needed after looking at C++ code for long enough
@qwertyoruiop In fairness that's how they treat all of the other costs that come from C and C++: ASLR, Pointer Auth, zoned/typed allocators, etc. C and C++ achieve "zero abstractions" by defining any of the costs incurred by the language design choices as being UB and out of the scope of the language itself. Which is certainly a strategy. Also, I cannot stress enough how amazing it is to me that you were able to get that domain.
@qwertyoruiop things that won’t happen to it:
@qwertyoruiop The sight of a MacsBug screen is traumatizing to those of us who wrote apps for the Mac in the '80s.
@qwertyoruiop time to back port JSC