A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called “Hot Pixels,” which can retrieve pixels from the content displayed in the target’s browser and infer the navigation history.
The attack exploits data-dependent computation times on modern system-on-a-chip (SoCs) and graphics processing units (GPUs) and applies them to stealthily extract information from visited web pages on Chrome and Safari, even if with the latest side-channel countermeasures enabled.
The researchers found that modern processors struggle to balance power consumption requirements and heat dissipation limitations with high execution speeds. This leads to distinct behavior patterns that point to specific instructions and operations.
These patterns are easily detectable through internal sensor measurements that are often accessible through software and, depending on the device type, can help discern what is viewed on the target device with an accuracy as high as 94%.
Mapping CPU behavior on modern devices
By analyzing frequency, power, and temperature measurements on modern devices, the researchers concluded that passively cooled processors could leak information via power and frequency, while actively cooled chips leak data through temperature and power readings.
The researchers experimented with Apple M1 chips, Cortex-X1 Arm cores inside a Google Pixel 6 Pro device, and Qualcomm Snapdragon 8 Gen 1 on OnePlus 10 Pro. They mapped the throttling points (thermal limits) and correlated the workloads with distinguishable frequency and power consumption metrics.
Next, the team experimented with data-dependent leakage channels on discreet and integrated GPUs, including Apple’s M1 and M2, AMD Radeon RX 6600, Nvidia GeForce RTX 3060, and Intel Iris Xe.
The researchers performed a detailed investigation and characterization of how different processing behaviors (such as bit-flipping operations) could impact observable factors like power consumption, temperature, and frequency and used this data as a foundation to evaluate the “Hot Pixels” attack.
How “Hot Pixels” works
The “Hot Pixels” attack was tested on Chrome 108 and Safari 16.2, the latest available versions at the time of the study, at their default configuration, including all side-channel countermeasures.
The setup constraints the power and temperature of the CPUs so that data about the color of the pixels displayed on the target’s screen (white or black) is leaked through the processor’s frequency.
To steal pixels from an unaffiliated target site, the researchers use an iframe element in an attacker-controlled page. The iframe’s contents, which presumably contain sensitive info about the victim are invisible but can be computed by applying an SVG filter on top of it and measuring the rendering times.
The accuracy of the measurements ranged between 60% and 94%, and the time required for deciphering each pixel was between 8.1 and 22.4 seconds.
The “leakiest” device was AMD Radeon RX 6600, while the best-protected devices appear to be Apple’s.
Uncovering browsing history
Safari is not impacted by the attack described in the previous section due to blocking cookie transmission on iframe elements that don’t have the same origin as the parent page. Hence, the loaded pixels on the iframe won’t contain any user data.
However, the researchers found that Safari is vulnerable to a sub-type of the Hot Pixels attack, which can compromise the user’s privacy by sniffing their browsing history.
The devised method includes placing links to sensitive pages on the attacker-controlled site and then using the SVG filtering technique to infer the color.
Hyperlinks of visited sites should have a different color than those the target never visited, so the basic Hot Pixels principles can be applied to infer the target’s browsing history.
Also, because the entire hyperlink would have the same color, recovering just a single pixel from each would be enough, so very large lists of hyperlinks can be parsed in a short time.
The accuracy of the data stolen in this attack reached 99.3% on iPhone 13, with just 2.5% false-negative findings and a recovery rate of 183 seconds per 50 hyperlinks.
The researchers disclosed their findings to Apple, Nvidia, AMD, Qualcomm, Intel, and Google, in March. All vendors acknowledged the issues and are working to mitigate them.
Hot Pixels attacks only work well on devices that quickly reach a stable state of power usage, like smartphones, although the data leak throughput is generally small.
However, the impacted vendors and stakeholders already discuss solutions to the reported problems, like restricting the use of SVG filters on iframes on the HTML standard.
The Chrome team already works on implementing the cookie isolation mechanism found in Safari that prevents loading cookies on orphan iframes.
There are also proposals to restrict access to sensors that give away thermal, power, and frequency readings to unauthorized users at the OS level.
More details about the Hot Pixels attack can be found on the technical paper published by the researchers earlier this week.