Come play in the V8 Sandbox with us!

Big day for the V8 Sandbox:
* Now included in the Chrome VRP: g.co/chrome/vrp/#v8…
* Motivation & goals discussed in a new technical blog post: v8.dev/blog/sandbox

If there is ever a Sandbox 'beta' release, this is it!

Jaana Dogan ヤナ ドガン This is not just distributed systems. Client-side apps suffer from 'more features - more failure modes' as well.

At least we don't usually do cascading failures, I guess? ;)

Companies who don't understand the basics of distributed systems don't seem to get the fact that more features = more failure modes (often cascading).

The Google Detection Team is expanding in India and Brazil and we're looking for amazing security analysts to help us protect Google and the data that billions of users entrust us with! We're hiring the following roles:

HYD: lnkd.in/gQu__uNg

SAO: lnkd.in/guxdmWDQ

I try an avoid this hellsite, but I did a quick dive into sudo in Windows and here are my initial findings. tiraniddo.dev/2024/02/sudo-o…

The main take away is, writing Rust won't save you from logical bugs :)

Google has provided a grant of $1M to the Rust Foundation to improve Rust code interop with C++ codebases. We’re also furthering our commitment to the open-source Rust community by aggregating and publishing audits for Rust crates we use in open-source projects... 1/3

A pure-Rust implementation of the X.509 path validation algorithm from Trail of Bits blog.trailofbits.com/2024/01/25/we-…

For the Googlers who are just finding out they have been laid off, don't worry. There is life after Google, and there are plenty of interesting opportunities out there.

I drew this 12 months ago, as LLM code assistants were just becoming available.

Has it held up?

💥New ITW 0-days discovered by clem1 and Benoît . CVE-2023-6345 in Chrome (Skia) and CVE-2023-42916 and CVE-2023-42917 in Safari. Chrome bug patched on Tuesday only 4 days after report 😍 and...

chromereleases.googleblog.com/2023/11/stable…

Another exciting step for the V8 sandbox: with crrev.com/c/5007733 (in Chrome 121) BytecodeArrays are now the first internal objects to move out of the sandbox and into the new trusted heap space: docs.google.com/document/d/1Ir…!

Microsoft Edge Security is hiring Vulnerability Researchers and Security Operations in Hyderabad, India!
jobs.careers.microsoft.com/global/en/job/…

jobs.careers.microsoft.com/global/en/job/…

jobs.careers.microsoft.com/global/en/job/…

it's much easier to add complexity than it is to remove it

New blog on escaping Chromium sandbox from JavaScript from Marco `wsx` (@[email protected]) and Giulio C 🔥🌸. microsoftedge.github.io/edgevr/posts/E…

Did you know there are approximately 85 organizations authorized to issue TLS certificates for the web today? Or that seven of them issue 99% of all certificates currently in use? The presence of the others is largely intended to accommodate web openness and national…

Say goodbye to signing hassles and hello to savings with Hancock! Our FREE Essentials plan means you can sign documents effortlessly at no cost - for life. Secure your forever-free signing now -- getting started has never been easier! Hancock.ink

The biggest anxiety driver in the modern workplace is the expectation of immediate response. Teams, email, text...

Neuroscience has proven our brains our single threaded no matter how badly we want to expand 'productivity' and our work culture really needs to evolve.…

Next Peculiar Ventures is going to make sharing of key material and certificates across distributed teams, and organizations easy and secure while enabling Passkeys to be used in quorums to approve key usage. Eliminating excuses for poor key management practices in approval and…

Rust Cryptography Should be Written in Rust - briansmith.org/rust-cryptogra…