> Vess is asserting that AV vendors can write their own versions of the most complicated parts of the browser & OS (including parsing & rendering HTTP/HTML/CSS/JS/PNG, JS runtime, etc), then add more code on top of that to detect bad things, and do all of this while adding no significant bugs and with tolerable performance overhead.
Don't forget they usually try and run all of that right in the kernel, because if there's one thing you want more than hardly tested unsafe reimplementation of the most complex and dangerous parts of a browser, it's to run them in ring0.
Don't forget they usually try and run all of that right in the kernel, because if there's one thing you want more than hardly tested unsafe reimplementation of the most complex and dangerous parts of a browser, it's to run them in ring0.