Hacker News new | ask | show | jobs
by martin1975 3084 days ago
and what if I wrote a compiler that doesn't heed any of your security concerns? It would still compile to machine code and continue to be able to exploit things Spectre/Meltdown style? Or am I off here?
3 comments
white-flame 3084 days ago
You'd only be able to run it on your system. At least, without other means of breaching the low level secured configuration of someone else's machine, because that's where the One True Compiler for that system lives.
link
gumby 3084 days ago
If I were taking this approach I might not even tell you the instruction set of the machine, so your compiler wouldn’t be useful.
link
XorNot 3084 days ago
I think the idea is you just never accept foreign machine code.
link