[webkit-dev] Timing attacks on CSS Shaders (was Re: Security problems with CSS shaders)
Adam Barth
abarth at webkit.org
Sat Dec 3 23:06:51 PST 2011
On Mon, Oct 24, 2011 at 9:51 PM, Adam Barth <abarth at webkit.org> wrote:
> Personally, I don't believe it's possible to implement this feature
> securely, at least not using the approach prototyped by Adobe.
> However, I would love to be proven wrong because this is certainly a
> powerful primitive with many use cases.
I spent some more time looking into timing attacks on CSS Shaders. I
haven't created a proof-of-concept exploit, but I believe the current
design is vulnerable to timing attacks. I've written up a blog post
explaining the issue:
http://www.schemehostport.com/2011/12/timing-attacks-on-css-shaders.html
Jonas Sicking seems to have a similar concern:
https://twitter.com/#!/SickingJ/status/143161375823380480
It's probably worth addressing this concern sooner rather than later.
Ignoring it certainly won't cause the vulnerability to go away.
Adam