GPUs are vulnerable to 3 side-channel attacks

Recent research suggest GPUs are vulnerable to 3 side-channel attacks

Bad news for computer users everywhere. Last month, the researchers at the University of California in Riverside stated that GPUs (Graphics Processing Units) are vulnerable to side-channel attacks like Spectre and Meltdown which had plagued Intel and AMD CPUs.earlier this year. The research team consisted of two professors and two students, a computer science doctoral student and a post-doctoral researcher. The team reverse-engineered a Nvidia GPU to showcase three GPU attacks on graphics and computer stacks, and had stated that this was the first side channel attacks on GPUs.

Side-channel attacks happen when the attacker uses how a technology operates instead of doing it through a bug or flaw in the code. These attacks exploit the user counters in the GPU and since GPUSs are available in user mode anyone can access them.

What are those 3 GPU attacks?

All these 3 attacks happen only when a user (who in this case is a victim) downloads a malicious program to spy on their computer.

In the first attack, the user activity is tracked on the web as GPUs are used to render graphics in browsers. The downloaded malicious program uses OpenGL to create a spy program which records the behavior of the browser with GPU usage.

In the case of the second attack, the user passwords can be easily extracted since GPUs are used to render the login/password box

The third attack makes the data center vulnerable as it targets the computational applications. It uses the memory sniffing technique that is used for grabbing passwords, but here it uses a neutral network to learn and steal the network algorithms

Although there is no absolute solution, the researchers had recommended the users to turn off user-mode access to the counters to avoid the third attack, but it may not be a viable solution as many applications depend on that functionality