"Security Vulnerability in Browser Interface Allows Computer Access via Graphics Card"

Researchers from the Institute of Applied Information Processing and Communications at Graz University of Technology (TU Graz) successfully demonstrated three side-channel attacks on graphics cards via the WebGPU browser interface. According to the researchers, the attacks were fast enough to succeed during normal Internet surfing. Modern websites place ever-increasing demands on computing power. Therefore, web browsers have had access to the computing capacities of the Graphics Processing Unit (GPU) as well as the Central Processing Unit (CPU). The scripting language JavaScript can use GPU resources through programming interfaces such as WebGL and the new WebGPU standard. However, as the researchers have pointed out, this carries risks. They used a website with malicious JavaScript to spy on information regarding data, keystrokes, and encryption keys in three different attacks through WebGPU. This article continues to discuss the side-channel attacks demonstrated on graphics cards via the WebGPU browser interface.

Graz University of Technology reports "Security Vulnerability in Browser Interface Allows Computer Access via Graphics Card"

Submitted by grigby1