stackghost 4 days ago

If the app can run arbitrary code on my GPU it's not exactly sandboxed, is it?

do_not_redeem 4 days ago | parent [-]

Are you launching Chrome with --disable-gpu-sandbox? If not, it's sandboxed.

stackghost 4 days ago | parent [-]

If websites can run compute shaders on my hardware, that's not a sandbox.

crazygringo 4 days ago | parent | next [-]

Sandboxing is about preventing code from accessing data it's not supposed to. Data like files or memory belonging to other tabs or other processes. Or data streams like your webcam or microphone. Data outside of its, well, sandbox.

So how are compute shaders accessing data they're not supposed to? How do you think they're escaping the sandbox?

do_not_redeem 4 days ago | parent | prev | next [-]

It seems like you're just making up your own definitions now because you don't like the tech. What do you think a sandbox is, exactly? And what do you think Chrome's GPU sandbox does, if it's not a sandbox?

jillyboel 3 days ago | parent | prev | next [-]

do you have a proof of concept that uses webgpu shaders to extract sensitive data?

stackghost 3 days ago | parent [-]

The search term you're looking for is "monero miner"

jillyboel 3 days ago | parent [-]

this exfiltrates data somehow? looking forward to the poc

tedunangst 4 days ago | parent | prev [-]

If websites can run JavaScript on your hardware, is that not sandboxed?