In a groundbreaking discovery, researchers have unearthed an alarming vulnerability that shines a spotlight on all major GPU manufacturers, including Apple, Intel, AMD, Arm, Qualcomm, and Nvidia.
This new attack, dubbed GPU.zip, threatens user privacy by allowing malicious websites to discern and read pixels from other websites, potentially exposing usernames, passwords and other sensitive information.
The attack sidesteps the pivotal "same origin policy" security measure, which traditionally ensures that content from one website remains insulated from all other domains.
Under normal circumstances, this policy would stop websites from scrutinizing data from other sites, including content, source codes and the end visual products. However, GPU.zip has demonstrated that this is no longer an absolute assurance.
By exploiting the data compression techniques GPUs use to augment performance, the attack acts as a sneaky side channel to capture pixels one at a time.
A key to this method is the use of an iframe
, a standard HTML element often used to embed external content like ads or images. While most sites that house sensitive data block cross-origin embedding, some, such as Wikipedia, do not. This loophole makes sites like Wikipedia vulnerable to the attack, revealing information like usernames.
Although the attack only works on Chromium-based browsers like Chrome and Edge, its implications are profound. The methodology varies slightly depending on the GPU manufacturer, given the distinct data compression schemes they utilize.
After meticulously reverse-engineering each scheme, researchers concluded that, while execution time differed, the pixel capture accuracy remained consistently high, hovering near 100%.
Yingchen Wang, the principal researcher from the University of Texas at Austin, delved deeper into the mechanics of the attack, stating: "We found that modern GPUs automatically try to compress this visual data, without any application involvement. This is done to save memory bandwidth and improve performance. Since compressibility is data dependent, this optimization creates a side channel which can be exploited by an attacker to reveal information about the visual data."
This discovery poses urgent questions about the privacy measures in place and underscores GPU manufacturers' need to bolster their defenses against such vulnerabilities.
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsNovember 14, 2024
September 06, 2024