Unwelcome flaw could display your darkest secrets when you’re least expecting it
Private browsing (or ‘incognito mode’ in Google’s Chrome browser) may not be as private as many of us would like: the contents of a window you closed can unexpectedly reappear on screen in a completely different application.
That’s according to University of Toronto student Evan Andersen, who found that Chrome’s incognito mode proved anything but that, after an image from an adult video he had viewed on YouPorn hours before reappeared on his screen as he loaded the video game Diablo III.
Andersen said he believed that the fault is caused by a bug in the drivers used by Nvidia graphics cards, which fail to erase GPU memory before it is handed to another application.
“This allows the contents of one application to leak into another,” he wrote in a blog post detailing the flaw.
“When the Chrome incognito window was closed, its framebuffer was added to the pool of free GPU memory, but it was not erased. When Diablo requested a framebuffer of its own, Nvidia offered up the one previously used by Chrome. Since it wasn’t erased, it still contained the previous contents. Since Diablo doesn’t clear the buffer itself (as it should), the old incognito window was put on the screen again.”
Andersen backed up his theory by writing a program that allocated GPU memory and scanned it for non-zero pixels, which uncovered a Reddit page that he had opened minutes before on one of his computer’s other user accounts.
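The mechanism Andersen describes, and the two places it can be stopped, can be shown in a small simulation. The code below is an added example, written for this article and not taken from Andersen’s scanner or from any Nvidia or Apple driver code: a toy framebuffer pool in ordinary host memory stands in for VRAM, `pool_release` optionally scrubs a buffer before returning it to the pool (the behaviour Nvidia says Windows enforces), and `simulate_leak` replays the Chrome-then-Diablo sequence, optionally with the second application clearing the buffer itself (what Andersen says Diablo “should” do). The pool size, pixel value and function names are constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulation only: a few host-memory "framebuffers" modelling a GPU memory
 * pool. Sizes and the pixel pattern are constructed for this example. */
#define FB_PIXELS (64 * 64)   /* one 64x64 buffer of 32-bit pixels */
#define POOL_SLOTS 4

typedef struct {
    uint32_t pixels[FB_PIXELS];
    bool in_use;
} framebuffer_t;

typedef struct {
    framebuffer_t slots[POOL_SLOTS];
    bool scrub_on_release;   /* policy: erase a buffer when it is freed */
} fb_pool_t;

void pool_init(fb_pool_t *p, bool scrub_on_release) {
    memset(p, 0, sizeof *p);            /* fresh pool starts zeroed */
    p->scrub_on_release = scrub_on_release;
}

/* Hand out the first free slot. Like the leaking driver in the article, this
 * does NOT erase it: whatever the previous owner drew is still there. */
framebuffer_t *pool_acquire(fb_pool_t *p) {
    for (int i = 0; i < POOL_SLOTS; i++) {
        if (!p->slots[i].in_use) {
            p->slots[i].in_use = true;
            return &p->slots[i];
        }
    }
    return NULL;
}

/* Return a buffer to the pool; the hardened policy scrubs it first. */
void pool_release(fb_pool_t *p, framebuffer_t *fb) {
    if (p->scrub_on_release)
        memset(fb->pixels, 0, sizeof fb->pixels);
    fb->in_use = false;
}

/* Andersen's check: how many non-zero pixels does a freshly acquired buffer hold? */
size_t count_nonzero_pixels(const framebuffer_t *fb) {
    size_t n = 0;
    for (size_t i = 0; i < FB_PIXELS; i++)
        if (fb->pixels[i] != 0)
            n++;
    return n;
}

/* Replay the sequence from the article: "Chrome" draws a page and closes its
 * window, then "Diablo" requests a buffer. Returns the number of Chrome's
 * pixels that Diablo can read back. */
size_t simulate_leak(bool scrub_on_release, bool app_clears_on_acquire) {
    fb_pool_t pool;
    pool_init(&pool, scrub_on_release);

    framebuffer_t *chrome = pool_acquire(&pool);
    for (size_t i = 0; i < FB_PIXELS; i++)
        chrome->pixels[i] = 0xFF8040C0u;   /* constructed "secret" page content */
    pool_release(&pool, chrome);           /* incognito window closed */

    framebuffer_t *diablo = pool_acquire(&pool);   /* gets Chrome's old slot */
    if (app_clears_on_acquire)
        memset(diablo->pixels, 0, sizeof diablo->pixels);   /* app clears, "as it should" */

    size_t leaked = count_nonzero_pixels(diablo);
    pool_release(&pool, diablo);
    return leaked;
}

int main(void) {
    printf("no scrub, app does not clear: %zu leaked pixels\n", simulate_leak(false, false));
    printf("driver scrubs on release:     %zu leaked pixels\n", simulate_leak(true, false));
    printf("app clears on acquire:        %zu leaked pixels\n", simulate_leak(false, true));
    return 0;
}
```

Either fix on its own closes the leak in the simulation, but only the pool-side scrub protects every consumer: an application that forgets to clear is exactly the case Andersen hit, so the allocator (driver or OS) is the place a practitioner would want the guarantee enforced.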
This is especially worrying because it means the flaw can expose whatever any user of a shared PC had on screen to the other users of that machine, without anyone being specifically targeted.
“It breaks the operating system’s user boundaries by allowing non-root users to spy on each other,” he wrote. “Additionally, it doesn’t need to be specifically exploited to harm users – it can happen purely by accident. Anyone using a shared computer could be exposing anything displayed on their screen to other users of the computer.”
Andersen says he reported the bug to both Nvidia and Google two years ago; Nvidia apparently acknowledged that the bug exists but has not yet shipped a fix.
Google, however, has said that it will not address the bug, stating that Chrome’s incognito mode is “not designed to protect you against other users on the same computer”. Incognito mode’s stated goal is to avoid leaving browsing traces such as history and cookies on the device, so a leak through shared GPU memory falls outside the threat model it claims to defend against.
And Nvidia says the issue is not related to any of its graphics drivers, but rather a fault in the memory management of the operating system running on Andersen’s PC.
“This issue is related to memory management in the Apple OS, not NVIDIA graphics drivers,” the company told TechWeekEurope in a statement.
“The NVIDIA driver adheres to policies set by the operating system and our driver is working as expected.”
“We have not seen this issue on Windows, where all application-specific data is cleared before memory is released to other applications.”