The smallest entity that we keep taint information for is a byte and if any bit in a byte is tainted the whole byte is regarded as tainted Since process and thread ids are drawn from the same pool of numbers they never overlap ion cannon simply checks at the beginning of the execution of each translation block if the code resides in the address space occupied by the BHO 0 gerridaeOn runtime the decryption routine processes the encrypted payload yielding the unencrypted version that is then executed bugThis structure is 24bytes long and is listed below