-
The x86_64-fortanix-unknown-sgx target currently has Load Value Injection (LVI) mitigations enabled by default. These mitigations were introduced by #72655. At the time, these software mitigations we…
-
**This is a tracker issue.** Only discuss things here if they are security group internal meta-discussions about the issue. **Contribute to the actual discussion at the following link:**
§ https://gi…
-
In discussion today with @fitzgen, @jameysharp, @elliottt and @lpereira, we were considering the idea to [dynamically monitor branch mispredictions](https://arxiv.org/abs/2110.04751) and isolate execu…
-
In the issue title above add the document name followed by the date of this request, then the date of your proposed deadline for comments.
- name of spec to be reviewed: Vibration API
- URL of spe…
-
**Overview:**
We've shoehorned a few requirements into a single requirement (4.1.1) which may be challenging for developers to understand.
**Recommendation:**
Let's break this into two distinct …
-
Tassis is a fairly open server. It allows anyone to connect and register key distribution information. The only requirement for posting keys on behalf of a device is that the device authenticates as b…
-
I feel that the wormhole paragraph is not mature enough for this submission. Some issues:
* several parts of the content is a duplicate of `5.2.4. Manipulation of the Path-Selection Process` in [d…
-
Per [discussion](https://github.com/immersive-web/webxr/pull/638#issuecomment-507789603), the table in the [privacy design doc](https://github.com/immersive-web/webxr/blob/67b0c0992e7d82c383d619900ef1…
-
What is our strategy for testing fingerprinting mitigations and super-cookie mitigations? Fingerprinting mitigations are especially tricky to detect.
-
## *What* does the bug affect?
The ability to boot into Windows
## *When* does this occur?
After running the script with the "Remove Windows Defender Antivirus + Disable All Security Mitigations"…