On 02/19/19 06:11 AM, Alexei Podtelezhnikov wrote:
an unprivileged attacker could potentially utilize flush+reload cache
side-channel attack to measure the execution time of said subroutine to infer
user input.
Isn't it why my passwords show up as ●●●●●●●●● in sensible applications?
From the paper it seems the problem is mainly in those apps, mainly mobile,
that show the character for a second before transforming to a star or
bullet, to help people notice when they fat-fingered on their touch
screen keyboard.
--
-Alan Coopersmith- alan.coopersm...@oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/alanc
_______________________________________________
Freetype-devel mailing list
Freetype-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/freetype-devel