1) Summarize the Barth paper in a few bullets/sentences.

2) In the paper's design, they do not attempt to prevent a
malicious website evil.com that knows a zero-day exploit in the
rendering engine from stealing cookies for all other sites.
Why not?

3) What's the one thing you'd most like us to discuss in
class about privilege separation?