- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Sun, 4 Dec 2011 10:16:31 -0800
- To: Rik Cabanier <cabanier@gmail.com>
- Cc: Adam Barth <w3c@adambarth.com>, public-fx@w3.org, Dean Jackson <dino@apple.com>, Vincent Hardy <vhardy@adobe.com>, Thomas Roessler <tlr@w3.org>
On Sun, Dec 4, 2011 at 10:04 AM, Rik Cabanier <cabanier@gmail.com> wrote: > Hi Adam, > > I don't know much about timing attacks so I have a question. > Since the browser directs the GPU to run the shaders and composite their > output, the end result is invisible to the attacker since there is no > mechanism to get this bitmap data back. > The shaders also have no means to communicate through script since they can > only manipulate pixels. > > In this scenario, how would information ever leak? > WebGL is different since you have access to the entire OpenGL stack which > allows you to do more complex operations such as reading back data. The information is read back through the "timing channel", thus the name. This is done by making an operation take more or less time based on the information you want to extract, so you can read data out just by watching how long an operation took to complete, even if the language doesn't offer any way to get the data out normally. http://en.wikipedia.org/wiki/Timing_attack ~TJ
Received on Sunday, 4 December 2011 18:17:20 UTC