[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ft-devel] Potential Timing Side-channel in Freetype Library
|
From: |
Roland Mainz |
|
Subject: |
Re: [ft-devel] Potential Timing Side-channel in Freetype Library |
|
Date: |
Tue, 19 Feb 2019 15:37:10 +0100 |
On Tue, Feb 19, 2019 at 3:11 PM Alexei Podtelezhnikov
<address@hidden> wrote:
>
> > an unprivileged attacker could potentially utilize flush+reload cache
> > side-channel attack to measure the execution time of said subroutine to
> > infer user input.
>
> Isn't it why my passwords show up as ●●●●●●●●● in sensible applications?
> The random fuss should also be added there in those application. I
> really do not see why we should be concerned.
I agree. And most passwords are in the ASCII range, which is very
likely already loaded (Xserver core protocol fonts or Xrender fonts)
in one piece, and most rendering engines load glyphs in complete
Unicode blocks. Beyond that the same argumentation could be used
*everywhere*, e.g. ssh protocol with compression enabled+sufficient
fine-grained clock ticks+passwort prompt of a remote application.
At some point trying to "optimise" for this makes no sense unless you
redesign the operating system to prevent such things. FreeType is
clearly the wrong place, unless we go after ALL the shared libraries
which have functions with variable processing time based on user
input.
Oh, and can we please involve libncurses ([1]) ... =:-)
[1]=Cursing&&swearing allowed... :-)
----
Bye,
Roland
--
__ . . __
(o.\ \/ /.o) address@hidden
\__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer
/O /==\ O\ TEL +49 641 3992797
(;O/ \/ \O;)