top | item 41200131

(no title)

voidbert | 1 year ago

Even if someone got unsigned machine code execution on V8's or SpiderMonkey's JIT, the same could happen on JavaScript Core. All browsers could be vulnerable to something like this (it's just a matter of time before a vulnerability appears), and Apple should be focusing on securing their app sandbox.

In terms of privacy and third party apps, isn't the protection domain name based? Those are native apps, so browser protection wouldn't work.

discuss

No comments yet.