[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Public WebGL] EXT_disjoint_timer_query disabled



On Sat, May 19, 2018 at 3:08 AM, Ken Russell <kbr@google.com> wrote:
EXT_disjoint_timer_query could not only be used to launch the GLitch attack, but act as a high-precision timer to carry out Spectre-like attacks

This isn't only true of a browser. How is this not a problem for all applications?
 
Reducing the timers' precision was sufficient to mitigate the GLitch attack, and as it turns out, Chrome's implementation of EXT_disjoint_timer_query already returned sufficiently lower-precision results.

How much precision was reduced?

However, Site Isolation is the long-term defense against Spectre, and it's close to being turned on in Chrome by default. At that point, the EXT_disjoint_timer_query WebGL extension will be turned back on in Chrome.

This is gonna happen when?
 
Other browsers have mitigations in progress for Spectre, and once those land, useful features like EXT_disjoint_timer_query and SharedArrayBuffer will be re-enabled in those browsers, too.

And this is gonna happen when?