| 1 |
On Fri, Jan 5, 2018 at 7:34 AM, Walter Dnes <waltdnes@××××××××.org> wrote: |
| 2 |
> |
| 3 |
> I wonder if it's possible to compile a web browser with protection |
| 4 |
> against the exploits, but turn it off for other apps. That would |
| 5 |
> protect against external attacks, while not hurting local app speed. |
| 6 |
> |
| 7 |
|
| 8 |
There are three exploits, all requiring different solutions. Only |
| 9 |
exploit 3 has a solution which impacts speed. |
| 10 |
|
| 11 |
Trying to fix exploit 3 in the browser seems dubious. You'd need to |
| 12 |
detect code patterns that could be trying to trigger the exploit |
| 13 |
before they're run, because the CPU itself isn't going to provide any |
| 14 |
protection here. Exploit 3 is the only exploit that doesn't require |
| 15 |
some kind of underlying vulnerability in a piece of software that is |
| 16 |
being attacked (in addition to the CPU vulnerability). |
| 17 |
|
| 18 |
Exploits 1/2 do require fixes in the browser already, but those don't |
| 19 |
significantly impact performance. Those fixes are also still being |
| 20 |
worked on. |
| 21 |
|
| 22 |
-- |
| 23 |
Rich |
Archives