Safe, Closure-free, Serializable functions

Alex Russell slightlyoff at google.com
Thu Sep 26 14:12:26 PDT 2013


"Defend against everything" is a security non sequitur. If you want this
group to consider specific areas to lock down, we need to understand
specific threat models.

Le 26/09/2013 20:14, Alex Russell a écrit :

On Thu, Sep 26, 2013 at 9:56 AM, Aymeric Vitte <vitteaymeric at gmail.com>wrote:

>  I would like to defend against a potential mitm/code injection and
> ideally against globals modifications.
>

 Only one of those is a threat (MITM). The other is an effect of something
happening (which you may or may not want). Conflating them isn't meaningful.


I am not "conflating them", the idea is to defend against everything, as
far as possible, including physical attacks like your colleague hacking
inside your browser while you have left your office during some time, I
don't find it so unlikely to happen, and quasi impossible to detect.

Regards,

Aymeric

-- 
Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20130926/ffd4b2d5/attachment-0001.html>


More information about the es-discuss mailing list