| 00:00 | <Mathieu Hofman> | This seems to be based on multiple threads, which is the equivalent of timers. I don't understand the claim it's timerless |
| 00:02 | <Mathieu Hofman> | Also existing web mitigations to prevent sharing SAB between workers should prevent this. Unless safari loads privileged data in processes that allow SAB and workers? |
| 00:49 | <bakkot> | It does not appear to me to be based on multiple threads? |
| 00:49 | <bakkot> | It's using this mechanism https://leaky.page/plru.html |
| 00:50 | <bakkot> | And I don't see why preventing sharing SABs would have anything to do with preventing this - sharing SABs mainly prevents having a ns-precision timer, which the paper very explicitly does not reply on |
| 00:57 | <bakkot> | oh, the timerless part does rely on multiple threads, ok |
| 00:57 | <bakkot> | it only says "a shared variable", though; from that description it could well be be localStorage or IndexDB or something |
| 01:10 | <Mathieu Hofman> | I'm a bit rusty on my Web APIs, are there other shared storage besides SAB available from different agents in the same process? |
| 01:12 | <Mathieu Hofman> | Looks like IndexDB is. And not covered by the COOP/COEP site isolation opt-in |
| 01:13 | <Mathieu Hofman> | Anyway, multiple threads effectively creates a timer, that has been known for a while. SAB a high precision one. I guess IndexedDB may help create a slightly lower precision timer. |