GPUs are vulnerable to side-channel attacks (the same kinds of attacks as Meltdown and Spectre)

[Fasterthannothing]

Quote

Computer scientists at the University of California at Riverside have found that GPUs are vulnerable to side-channel attacks, the same kinds of exploits that have impacted Intel and AMD CPUs

Well great another piece of computer hardware that has a major exploit good grief.

Quote

Two professors and two students, one a computer science doctoral student and a post-doctoral researcher, reverse-engineered a Nvidia GPU to demonstrate three attacks on both graphics and computational stacks, as well as across them. The researchers believe these are the first reported side-channel attacks on GPUs.

These attack's are done by user counters for the performance trackers on GPU's

Quote

In this case, it exploits the user counters in the GPU, which are used for performance tracking and are available in user mode, so anyone has access to them.

There are three different attack's

Quote

The first attack tracks user activity on the web, since GPUs are used to render graphics in browsers. A malicious app uses OpenGL to create a spy program to infer the behavior of the browser as it uses the GPU. The spy program can reliably obtain all allocation events of each website visited to see what the user has been doing on the web and possibly extract login credentials

 

In the second attack, the authors extracted user passwords because the GPU is used to render the login/password box. Monitoring the memory allocation events leaked allowed for keystroke logging.

 

The third attack is the one that hits the data center. It targets computational applications, using the same memory sniffing for grabbing passwords but this time on a neural network to learn the network’s structure. In short, malicious code could sniff out your neural network algorithms and steal them.

Unfortunately they say the current fix turning off access to the counters breaks alot of things. This sounds like some horrible stuff but it does need to be installed via a malicious program so just be careful what you install. 

 

Source:https://www.networkworld.com/article/3321036/gpus-are-vulnerable-to-side-channel-attacks.html

[Bananasplit_00]

Let's see if the web ones can be dealt with using browser patches 

[Arika]

Game consoles are becoming more and more the safer option to go with 

[GoldenLag]

Even if it got demonstrated on an Nvidia GPU, its smart to assume the same can be done with AMD cards.

 

Just so we dont get a:

"Apple AMD doesnt get viruses"

[xAcid9]

Can i just disable browser hardware acceleration?

[Taf the Ghost]

Well, things are about to get really salty.

[Midniteb0ne]

1 hour ago, Shorty88jr said:

Well great another piece of computer hardware that has a major exploit good grief.

These attack's are done by user counters for the performance trackers on GPU's

There are three different attack's

Unfortunately they say the current fix turning off access to the counters breaks alot of things. This sounds like some horrible stuff but it does need to be installed via a malicious program so just be careful what you install. 

 

Source:https://www.networkworld.com/article/3321036/gpus-are-vulnerable-to-side-channel-attacks.html

Time to go back to the stone age.

[Guest]

1 hour ago, GoldenLag said:

Even if it got demonstrated on an Nvidia GPU, its smart to assume the same can be done with AMD cards.

 

Just so we dont get a:

"Apple AMD doesnt get viruses"

Apple don’t even have video cards  

[mr moose]

1 hour ago, VegetableStu said:

TEN GIGALEAKS

per second.

[laminutederire]

2 hours ago, GoldenLag said:

Even if it got demonstrated on an Nvidia GPU, its smart to assume the same can be done with AMD cards.

 

Just so we dont get a:

"Apple AMD doesnt get viruses"

It actually isn't. Its smart to not assume anything and just wait for a proof of it on amd or Intel gpus.

Just like those exploits touch more Intel than amd since Intel squeezed the original idea to get as much ipc out of it, I wouldn't be surprise me to see amd and Intel gpus to be at least less impacted by those exploits for the same reason.

[RejZoR]

2 hours ago, Arika S said:

Game consoles are becoming more and more the safer option to go with 

Good luck updating BIOS on one when they do find something and there will be no means to fix it. Or people even being aware of it...

[colonel_mortis]

3 hours ago, Shorty88jr said:

In the second attack, the authors extracted user passwords because the GPU is used to render the login/password box. Monitoring the memory allocation events leaked allowed for keystroke logging.

To be clear, the attack allows an attacker to detect when the browser has rendered a new frame, as well as some properties of it (such as the size of the repainted area). That allows the attacker to guess, for example, that you appear to be typing into a password field. They can then measure the time between each keystroke, which has been shown to reveal some information about the keys that were pressed. It doesn't actually disclose the password, but it does reveal the length and a non-zero amount of information about the content.

 

The paper can be found at http://www.cs.ucr.edu/~zhiyunq/pub/ccs18_gpu_side_channel.pdf. It's pretty readable, though it is 15 pages (the interesting parts are pages 6-11).

[Sauron]

2 hours ago, Arika S said:

Game consoles are becoming more and more the safer option to go with 

They have GPUs too

[AlTech]

2 hours ago, Sauron said:

They have GPUs too

Yes but their operating systems are more locked down in terms of what the user can and can't do.

[Sauron]

2 minutes ago, AluminiumTech said:

Yes but their operating systems are more locked down in terms of what the user can and can't do.

I wouldn't consider that a positive. A brick is very secure, but not very useful.

[AlTech]

5 hours ago, GoldenLag said:

Even if it got demonstrated on an Nvidia GPU, its smart to assume the same can be done with AMD cards.

 

Just so we dont get a:

"Apple AMD doesnt get viruses"

AMD doesn't get viruses tho .

 

They weren't affected by Meltdown and they weren't really affected with Spectre except for old obsolete stuff.

[GoldenLag]

2 minutes ago, AluminiumTech said:

AMD doesn't get viruses tho .

 

They weren't affected by Meltdown and they weren't really affected with Spectre except for old obsolete stuff.

would be interesting if both AMD and Intel were safe, but i would assume they arent. 

[Arika]

18 minutes ago, Sauron said:

I wouldn't consider that a positive

in the case of this exploit it absolutely is, also who is browsing the internet on a console?

 

Edit; this is also 5 month old news at this point. pretty sure we would have heard more about it if it really was a big deal

[Sauron]

30 minutes ago, Arika S said:

in the case of this exploit it absolutely is, also who is browsing the internet on a console?

Probably more people than you think. Besides, nothing's stopping a game developer from taking advantage of this - the games are closed source and I doubt Sony runs sufficiently thorough tests to catch a side channel attack in something like this.

 

It's also worth noting that accidentally downloading and installing malicious software believing it to be something else is almost exclusively a Windows problem - not something inherent to using a pc. Still, if all you do is play games from trusted stores and browse the web (which is all you can do on a console) you're unlikely to be affected.

30 minutes ago, Arika S said:

Edit; this is also 5 month old news at this point. pretty sure we would have heard more about it if it really was a big deal

There hasn't been a single reported instance of spectre being exploited in the wild, that doesn't make it any less serious.

[Valentyn]

6 hours ago, xAcid9 said:

Can i just disable browser hardware acceleration?

I do anyway, as it always causing hitching in some games for me, with multi-monitor and some sites like Netflix open.

[cj09beira]

6 hours ago, GoldenLag said:

Even if it got demonstrated on an Nvidia GPU, its smart to assume the same can be done with AMD cards.

 

Just so we dont get a:

"Apple AMD doesnt get viruses"

the way amd handles the tasks in the gpu is not even close to similar, so we can't say one way or another

[pas008]

Didn't nvidia say they were safe from meltdown?

 

Tdlr be nice right now but how is this vulnerability working 

Too Busy at work atm

[GoldenLag]

5 minutes ago, cj09beira said:

the way amd handles the tasks in the gpu is not even close to similar, so we can't say one way or another

But if it is done through API we can assume those variants can be used on any GPU. 

 

I would say my default possition in these scenarios are to assume that they are applicable to some level on other hardware

[colonel_mortis]

15 minutes ago, cj09beira said:

the way amd handles the tasks in the gpu is not even close to similar, so we can't say one way or another

Based on my understanding of the attack from the paper, I suspect that the OpenGL->OpenGL attack still applies to AMD cards (and likely unreleased Intel discrete cards too), although they didn't test it in the paper. The attack is about detecting memory allocations performed by other threads, and using that as a side channel to fingerprint certain activities, which is not likely to be dependent on the GPU architecture. It's entirely possible that more accurate data can be obtained with one manufacturer over another because of scheduling and the like, but I think it's likely that this is a general problem with all graphics architectures.

 

This is just speculation though.

[pas008]

so this is another you need to be infected with something to have this work? like the others?

 

am I reading this right?