Hacker News
by therein 3019 days ago
> Enable `#shared-array-buffer` in `chrome:///flags` under your own risk...
4 comments

SharedArrayBuffer was disabled exactly because vulnerabilities like this are easily exploitable (but there are POCs that don't depend on it).
It was only disabled as a mitigation to these specific attacks, in case you thought it was an experimental or “at your own risk” type of thing.
Disabling SharedArrayBuffer is just stopping the most obvious method of exploitation; it's by no means a fix. Expect a slew of papers over the next few years on other methods of exploitation from JS.
Every single browser had to disable that feature because of those flaws.