Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

Brave reports as vulnerable to spectre on test site #12570

Closed
g33xter opened this issue Jan 9, 2018 · 8 comments
Closed

Brave reports as vulnerable to spectre on test site #12570

g33xter opened this issue Jan 9, 2018 · 8 comments
Assignees
@diracdeltas @jumde
Labels
QA/checked-Linux QA/checked-macOS QA/checked-Win64 QA/test-plan-specified release-notes/include security
Milestone
0.19.x Hotfix 12 ...

Comments

@g33xter
Copy link

g33xter commented Jan 9, 2018
edited by luixxiul
Loading

Test plan

#12577 (comment)

I'm using Brave 0.19.131 & checked the new security feature which is related to Spectre & Meltdown vulnerability. So, I tried using this http://xlab.tencent.com/special/spectre/spectre_check.html, it's saying it's vulnerable for Spectre. Check the Screenshot. I'm using macOS Sierra.

screen shot 2018-01-09 at 03 25 33
@srirambv
Copy link
Collaborator

srirambv commented Jan 9, 2018
edited
Loading

cc: @diracdeltas
Same on Chrome for reference
image

@g33xter
Copy link
Author

g33xter commented Jan 9, 2018
edited
Loading

You need to enable manually, I guess. use this link chrome://flags/#enable-site-per-process.
screen shot 2018-01-09 at 04 19 04
I don't have any issues with Chrome/Firefox/Safari, they are not vulnerable on newer updates.

@srirambv
Copy link
Collaborator

srirambv commented Jan 9, 2018

Thanks for the confirmation @g33xter

@diracdeltas
Copy link
Member

Strict Site isolation only mitigates against Spectre by enhancing separation between iframes and the parent context. It does not prevent Spectre if the parent context is trying to use the attack against you. According to @jumde, we will need to disable SharedArrayBuffer in order to appear as "not vulnerable" according to this test.

@diracdeltas diracdeltas changed the title Strict Site Isolation not working Brave reports as vulnerable to spectre on test site Jan 9, 2018
@diracdeltas diracdeltas added this to the 0.19.x Hotfix 12 milestone Jan 9, 2018
diracdeltas added a commit that referenced this issue Jan 9, 2018
@diracdeltas
disable sharedArrayBuffer and add tests for API blocking
d387511 
Fix #12570

Test Plan:
1. Enable 'Strict Site Isolation' in about:preferences#security, then restart
2. Go to http://xlab.tencent.com/special/spectre/spectre_check.html
3. Click the button to check your browser. It should report as not vulnerable.
@diracdeltas diracdeltas mentioned this issue Jan 9, 2018
Merged
10 tasks
This was referenced Jan 11, 2018
Closed
Closed
Closed
@srirambv
Copy link
Collaborator

Works on Windows
image

@srirambv
Copy link
Collaborator

Worked on Linux as well
image

@LaurenWags
Copy link
Member

MacOS using 0.19.132:
screen shot 2018-01-11 at 9 09 20 am

@g33xter
Copy link
Author

g33xter commented Jan 11, 2018

@diracdeltas thanks for clarifying.

@kjozwiak kjozwiak mentioned this issue Jan 12, 2018
Closed
@jumde jumde mentioned this issue Sep 9, 2018
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@diracdeltas diracdeltas

@jumde jumde

Labels
QA/checked-Linux QA/checked-macOS QA/checked-Win64 QA/test-plan-specified release-notes/include security
Projects
None yet
Milestone
0.19.x Hotfix 12 (Release Channel)
Development

No branches or pull requests
5 participants
@diracdeltas @jumde @g33xter @srirambv @LaurenWags