Posted on Monday, January 11 2016 @ 14:21 CET by Thomas De Maesschalck
A Canadian student hacker named Evan Andersen discovered a bug in NVIDIA's GeForce drivers that makes it possible to retrieve webpages that were viewed in Google Chrome's incognito browsing mode. Andersen says he discovered the bug when he was greeted by an adult entertainment video, which he watched a couple of hours before, when he launched Diablo III.
Upon closer investigation, Andersen discovered that when you close Chrome's incognito mode, the GPU frame buffer is not cleared but added to the pool of free GPU memory. This enables previous contents to leak to other applications.
This is a serious problem. It breaks the operating system’s user boundaries by allowing non-root users to spy on each other. Additionally, it doesn’t need to be specifically exploited to harm users – it can happen purely by accident. Anyone using a shared computer could be exposing anything displayed on their screen to other users of the computer.Andersen submitted a bug report to both NVIDIA and Google in 2014. NVIDIA acknowledged the issue but has still not fixed the problem. Google on the other hand marked it as a bug it won't fix, claiming incognito mode is not designed to protect you against other users on the same PC.
It’s a fairly easy bug to fix. A patch to the GPU drivers could ensure that buffers are always erased before giving them to the application. It’s what an operating system does with the CPU RAM, and it makes sense to use the same rules with a GPU. Additionally, Google Chrome could erase their GPU resources before quitting
