科技回声

> Conclusion:> * Programming language implementations cannot establish confidentiality on today's hardware> * Don't run untrusted code in the same process with secrets it could stealI understand that because of this, browsers are moving towards running untrusted JavaScript code in separate processes, so that confidentiality is provided by process boundaries.Does anyone know whether other applications that embed scripting languages and run untrusted code (e.g. games that embed Lua[JIT]) are also moving towards a multi-process architecture?

Only tangentially related: what does Spectre means for single address space OSs (Midori, Singularity)?

That's a very weird typo for language. Usually we can tell what word was meant if some letters are missing from what I understand, but for some reason this one was surprisingly bad.

Only tangentially related: what does Spectre means for single address space OSs (Midori, Singularity)?

That's a very weird typo for language. Usually we can tell what word was meant if some letters are missing from what I understand, but for some reason this one was surprisingly bad.

What Spectre Means for Lanugage Implementers [video]

3 条评论

What Spectre Means for Lanugage Implementers [video]

3 条评论