GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Talya (she/her) (yuvalne@433.world)'s status on Tuesday, 03-Oct-2023 04:39:52 JST Talya (she/her) Talya (she/her)

    A new security vulnerability was found when combining #Chromium browsers with virtually all modern GPUs (Intel, Apple, Nvidia, AMD and ARM).
    Neither #Google nor any of the mentioned vendors are planning on fixing it.
    https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack/

    #Mastodon, by the way, isn't vulnerable to this attack, thanks to having the `X-Frame-Options` and `Content-Security-Policy` headers. Many other fedi platforms however, including #Pixelfed, #Firefish and #Writefreely don't have them, at least when I tested.

    In conversation Tuesday, 03-Oct-2023 04:39:52 JST from 433.world permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: cdn.arstechnica.net
      GPUs from all major suppliers are vulnerable to new pixel-stealing attack
      A previously unknown compression side channel in GPUs can expose images thought to be private.

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.