do_not_redeem 7 months ago

Are you launching Chrome with --disable-gpu-sandbox? If not, it's sandboxed.

stackghost 7 months ago | parent [-]

If websites can run compute shaders on my hardware, that's not a sandbox.

crazygringo 7 months ago | parent | next [-]

Sandboxing is about preventing code from accessing data it's not supposed to. Data like files or memory belonging to other tabs or other processes. Or data streams like your webcam or microphone. Data outside of its, well, sandbox.

So how are compute shaders accessing data they're not supposed to? How do you think they're escaping the sandbox?

do_not_redeem 7 months ago | parent | prev | next [-]

It seems like you're just making up your own definitions now because you don't like the tech. What do you think a sandbox is, exactly? And what do you think Chrome's GPU sandbox does, if it's not a sandbox?

jillyboel 7 months ago | parent | prev | next [-]

do you have a proof of concept that uses webgpu shaders to extract sensitive data?

stackghost 7 months ago | parent [-]

The search term you're looking for is "monero miner"

jillyboel 7 months ago | parent [-]

this exfiltrates data somehow? looking forward to the poc

tedunangst 7 months ago | parent | prev [-]

If websites can run JavaScript on your hardware, is that not sandboxed?