|
From: | Alexei Podtelezhnikov |
Subject: | Re: [ft-devel] Potential Timing Side-channel in Freetype Library |
Date: | Tue, 19 Feb 2019 09:11:15 -0500 |
> an unprivileged attacker could potentially utilize flush+reload cache > side-channel attack to measure the execution time of said subroutine to infer > user input. Isn't it why my passwords show up as ●●●●●●●●● in sensible applications? The random fuss should also be added there in those application. I really do not see why we should be concerned.
[Prev in Thread] | Current Thread | [Next in Thread] |