@andreasdotorg @lanodan @ariadne people constantly miss the forest for the trees in exactly this way. The asset to defend is usually /not/ the execution environment. So if you spend all your scarce resources rewriting things to be able to defend one part of one layer of one of the execution environments that impacts on the asset to defend, you've misallocated. Especially where effective compensating controls already exist.
Conversation
Notices
-
Embed this notice
Falcon Darkstar (falcon@mastodon.falconk.rocks)'s status on Wednesday, 21-Feb-2024 20:01:27 JST Falcon Darkstar - Haelwenn /элвэн/ :triskell: likes this.
-
Embed this notice
Falcon Darkstar (falcon@mastodon.falconk.rocks)'s status on Wednesday, 21-Feb-2024 20:04:18 JST Falcon Darkstar @andreasdotorg @lanodan @ariadne All I'm really saying here is, the memory corruption RCE vulns tend to be in things that are heinously complex and hard to implement correctly (or even define correctness for), and meanwhile my professional experience and that of my colleagues is dominated by things like logic bugs in managed code that just give up all the sensitive data for fun, and nobody keeps track of those bugs, and I see no work on systematic mitigations for them.
Haelwenn /элвэн/ :triskell: likes this.