-
@rsc recently added a `-spectre` flag to the compiler and implemented a couple of speculative execution exploit mitigations on amd64. These involved using conditional moves to prevent out of bounds in…
-
Hi,
Thanks for the very interesting work!
I am confused about one thing. In the paper (e.g. equation 11) the hessian is approximated by the square of the gradients, right? However, in the imple…
-
Hello,
I have a question about management of uploaded file in your application.
Is it intended behavior that uploaded files are executable?
I checked that Codiad has not the mitigations for e…
-
I was messing around with adding a package to AUR and noticed [namcap](https://wiki.archlinux.org/title/namcap) was producing a warning: `ELF file ('usr/bin/oq') lacks FULL RELRO, check LDFLAGS`, whic…
-
### What happened + What you expected to happen
Right now, if a core worker fails to register with raylet, the program will enter undefined behaviour (crash or stuck), with messages like
```
2023…
-
**Overview:**
We've shoehorned a few requirements into a single requirement (4.1.1) which may be challenging for developers to understand.
**Recommendation:**
Let's break this into two distinct …
-
**[ UUID ]** 34e2e26d-abf9-4e84-a4fd-17fddb3628ac
**[ Session Name ]** Personal Security: Fundamentals of Threat Modeling
**[ Primary Space ]** Privacy and Security
**[ Secondary Space ]** Web Litera…
-
IF there is a problem THEN this is the consequence.
This contains a list of mitigations.
-
Get information on top 2 misconfiguration issues and implement mitigations/fixes for those cases
-
We should spell out the fact that the `unsigned` field of PDUs received over S2S should be stripped of everything except an explicitly allowed set of keys, to prevent issues as described in https://gi…