Closed Bug 1639344 Opened 5 years ago Closed 4 years ago

Analyze security considerations of WebGPU in depth

Tracking

()

Status:

RESOLVED FIXED

People

(Reporter: kvark, Assigned: kvark)

References

Details

Dzmitry Malyshau [:kvark]

Assignee

Description

•

5 years ago

This was requested in https://github.com/mozilla/standards-positions/issues/239#issuecomment-571333559

The current spec draft has Security considerations sections that is a bit too shallow. We need to make a more complete story of security and fingerprinting concerns. At the very least, we need to expand on the timing attack mitigations and analyze our options on reducing fingerprinting.

This task is about building an explanatory document.

Dzmitry Malyshau [:kvark]

Assignee

Comment 1

•

5 years ago

Lowering to S3 as to not confuse the release management.

Severity: S2 → S3

Dzmitry Malyshau [:kvark]

Assignee

Comment 2

•

4 years ago

I believe this is fixed in a series of PRs into the WebGPU spec now under Malicious use considerations.

Status: NEW → RESOLVED

Closed: 4 years ago

Resolution: --- → FIXED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Analyze security considerations of WebGPU in depth

Categories

(Core :: Graphics: WebGPU, task, P3)

Tracking

()

People

(Reporter: kvark, Assigned: kvark)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2