Hacker News
by laurencerowe 988 days ago
> AWS run untrusted code on Lambda all the time.

AWS uses virtualization (Firecracker) to provide isolation for Lambda.

WebAssembly vs browser/JavaScript isolation is a little like virtualization vs operating system level isolation. WebAssembly and virtualization offer far smaller attack surfaces, which means they are far more likely to remain secure in the long term.

Browsers and operating systems are highly complex abstractions and they only remain secure (if you keep them patched) through the large ongoing investment in them.