Jump to content
Facebook Twitter Youtube
GFX Designer Recruitment Campaign
Moderators Recruitment
Classic Server Cs 1.6 Server
Technical Issues

[Hardware] NVIDIA and AMD graphics have a vulnerability that allows passwords to be stolen

FNX Magokiler

By FNX Magokiler,
in Hardware

 Share

Recommended Posts

FNX Magokiler Veteran

FNX Magokiler

Posted
Posted

Researchers at the University of Texas at Austin have discovered a vulnerability that affects all graphics cards. This side channel vulnerability allows a malicious website to deliver private information without user consent. According to the research, this affects all graphics cards on the market, whether they are from Intel, AMD, NVIDIA, Apple, ARM or Qualcomm.

There are many security protocols to prevent the theft of sensitive user information. One of these mechanisms is the same origin policy, which requires complete isolation between the domain and the content.

This mechanism, among others, tries to prevent the theft of passwords to access different services. Among the mechanisms used is masking passwords with dots when we enter them. Although, there are times when previews are allowed to ensure that we do not make mistakes.

They can get your password "thanks" to the graphics card
The first thing you should know is that, to exploit this vulnerability, you must access a malicious website. Within these websites what is done is a reconstruction of the representation of pixels generated by the GPU. In the end, we are writing the password and it is represented by this component and that is how the theft is achieved.

 

YVsHmAE.png

 

We have to highlight that researchers have said that the GPU-zip vulnerability (the name given to it by researchers) is serious, but the threat is low. They have highlighted that graphics card manufacturers must release software patches and make hardware adjustments.

This vulnerability exploits data compression on the GPU. This mechanism allows reducing the amount of data stored and its transit. Since compression depends on the data, these are a mathematical representation that "doubles" the original size.

Despite this mechanism, a data relationship exists and the initial parameter can be obtained again. Even with compression, initial information can be obtained.

We have compression of data from the GPU that is sent to the DRAM or the different system caches. In the end, it is the original data modified so that it takes up less space. Despite this "mani[CENSORED]tion" the bits of the original information can be recovered.

Passwords, usernames and other valuable information can be reconstructed pixel by pixel through rendering.

 

https://hardzone.es/noticias/tarjetas-graficas/nvidia-amd-intel-vulnerabilidad-robar-contrasenas/

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

WHO WE ARE?

CsBlackDevil Community [www.csblackdevil.com], a virtual world from May 1, 2012, which continues to grow in the gaming world. CSBD has over 70k members in continuous expansion, coming from different parts of the world.

 

 

Server Zone

Helpful Links

Important Links

VERSION 2.4.0

THEME BY TECTONICPX.COM
© 2012 - 2025 CSBD Community

Licensed to: CsBlackDevil.Com Powered by Invision Community


×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept