[pjmlp]

I think a lot about security, during the last 30 years, and worshiping WASM sales pitch isn't one of them.

Also I explicitly mentioned that is the first paper of many others, that are starting to appear on cyber security conferences.

[hackcasual]

It's a 4 year old paper, and the biggest issue it brought up, malleable read-only data, is currently being addressed with the memory control proposal. The fact that a virtual environment can't prevent all types of erroneous program behavior is not particularly noteworthy. The fact of the matter, in particular when comparing WASM against containers, WASM is a generational step forward in terms of permissioning and isolation.

For my bonafides, this is me discussing this class of vulnerabilities 8 years ago: https://groups.google.com/g/emscripten-discuss/c/gGjklbJiX1c...