On Tue, Jun 18, 2013 at 7:51 PM, Doug Koellmer <[email protected]> wrote:
> Interesting stuff Kevin...makes sense. Thank you for the context. > > Love the hack that websandbox does. I guess it does a time-elapsed > n > seconds check in the trapdoor function? I wonder if you could fool it by > placing a few iterations in a row that are just below the n-second > threshold, or if they calculate elapsed-time from when execution enters a > user's code. > I don't know what their docs might say about this, but Scott, the guy behind websandbox, was always clear verbally that his liveness defenses could not defend against a malicious denial of service attack. Nor was that his purpose. He was only trying to defend against denial of service accident, which I think he did quite well. From your initial question, I would guess that defense against accident is what you are looking for as well, so this technology would have helped. > > Anyway, that project looks dead based on their website ( > http://websandbox.livelabs.com/). Are there signs of life somewhere? > I was following websandbox rather closely during its heyday. I do not know of any current signs of life. > -- > > --- > You received this message because you are subscribed to the Google Groups > "Google Caja Discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- Cheers, --MarkM -- --- You received this message because you are subscribed to the Google Groups "Google Caja Discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
