W3C home > Mailing lists > Public > public-fx@w3.org > October to December 2011

Re: Merging CSS Shaders proposal into Filter Effects

From: Chris Marrin <cmarrin@apple.com>
Date: Tue, 01 Nov 2011 16:34:45 -0700
Message-id: <5232BF61-A48B-4899-B799-F4E0DBE883A2@apple.com>
To: public-fx@w3.org

On Oct 31, 2011, at 5:18 PM, Tab Atkins Jr. wrote:

> ...
>> There has been a lot of discussion on the timing attack, but I would note two important things:
>> 
>> a. it is much harder to time the processing time in a CSS shader than in WebGL. You can basically time a shader the same way to time any rendering in HTML/CSS/SVG.
> 
> Incorrect.  You time rendering the same, yes, but you cannot
> *manipulate* render time in normal HTML/CSS like you can in a Shader.
> It's possible to get fairly predictable manipulations in Shaders that
> you can't easily get with arbitrary content.

I don't like all the "theoretical" concern I've been hearing from all quarters recently about timing attacks. The only actual successful attack I've seen is the WebGL attack and even  that is pretty sketchy. It only extracts monochrome and after a minute you get a blocky image that kind of looks something like the source image, as long as there's not much detail. In the 2D canvas attack example, all I see is numbers flashing on the screen that is supposed to somehow show that information is being leaked. I just haven't seen anything very scary yet.

I'd really like to see a bona fide successful attack where information is compromised using a CSS shader. Then we can discuss if it's a real threat, something we can protect against, or something we should not be concerned about.

-----
~Chris
cmarrin@apple.com
Received on Tuesday, 1 November 2011 23:35:31 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 1 November 2011 23:35:33 GMT