zlacker

[return to "Google is already pushing WEI into Chromium"]
1. Philip+yk[view] [source] 2023-07-26 13:43:50
>>topshe+(OP)
One thing about this that I don't understand is how they intend to validate memory without controlling the entire stack (which we aren't even 1% close to achieving on the desktop). If I poke /dev/mem, does that mean Chrome will have to validate every single byte of it's ram? Or does it rely on having a fully locked down environment (maybe feasible on phones).
◧◩
2. TillE+wn[view] [source] 2023-07-26 13:55:11
>>Philip+yk
Even on Windows, you can do practically anything with a signed driver.

There's just no such thing as verifying a "secure environment" outside of extremely narrow, controlled scenarios.

[go to top]