| ▲ | userbinator 4 hours ago | |
It's really not surprising that letting websites run arbitrary code on your machine, even in a sandbox, would lead to things like this. | ||
| ▲ | sigmoid10 4 hours ago | parent | next [-] | |
There's no such thing as a sandbox "on your machine" when you really think about it. The code still runs on the same hardware and there are tons of ways to fiddle with said hardware that could be exploited (like rowhammer). The only "real" sandbox is fully dedicated hardware down to bare metal with zero connections to sensitive systems. | ||
| ▲ | matheusmoreira 3 hours ago | parent | prev [-] | |
And now that Google's web environment integrity is getting repackaged into captchas, it seems we won't even be able to try to block such things in the future... | ||