[webkit-dev] On adding 'console.memory' API (and about the whole 'console' object.)
Adam Barth
abarth at webkit.org
Wed Jun 2 12:06:53 PDT 2010
I haven't looked into the details, but, in general, side channel
information is a rich area for unintentional disclosure. For example,
timing information leaks a ton of information.
Here's a recent paper that shows a bunch of stuff you can use from the
sizes of things. In this case, they're looking at the size on the
wire, but you could imagine something similar for in-memory size:
http://oakland31.cs.virginia.edu/slides/sidechannel.pdf
Adam
On Wed, Jun 2, 2010 at 11:52 AM, Sam Weinig <sam.weinig at gmail.com> wrote:
> Now that I have had a little time to think about it, I think my biggest
> concern with this type of API is the unintentional ability for an attacker
> to gain information from the engine consuming specifics amount of memory.
> Let's take the visited link history stealing attack as an example. Even
> though you can no longer use getComputedStyle() directly to gain information
> as to whether a link was visited or not, if the engine allocated subtly
> different amounts of memory depending on whether the link was visited or
> not, an attacker could detect this and gain that information.
> Adam (and other web security people), am I being overly paranoid about this?
> -Sam
>
> On Fri, May 28, 2010 at 10:56 AM, Mikhail Naganov <mnaganov at chromium.org>
> wrote:
>>
>> Greetings, WebKit deveopers,
>>
>> As a response to requests from web apps developers, I was intended to
>> add a simple API for accessing web app's memory consumption, see
>> https://bugs.webkit.org/show_bug.cgi?id=39646
>>
>> The scenario of using this API is as follows:
>> - a builbot runs web app's common usage scenarios tests;
>> - inside tests, memory usage is recorded via the API proposed;
>> - the results are sent to a server (using XHR or a CGI request);
>> - server plots nice graphs of memory usage status, bound to the
>> changes made to the web app;
>> - thus, if someone does a change that blows up memory usage,
>> developers will notice.
>>
>> As Sam points out, this change may be fine, but he suggests to make it
>> accessible only when a browser runs in a special "developer" mode.
>> This can also be applied to the whole 'console' object.
>>
>> Please, share your thoughts on this.
>
>
More information about the webkit-dev
mailing list