Nvidia GPU driver bug could expose your Chrome Incognito porn browsing
If you have an online porn habit you like to indulge from time to time, you're probably well-acquainted with Chrome's Incognito mode. Like Microsoft Edge's InPrivate browsing, and Firefox's Private browsing, Google's browser includes a mode that can be used to keep your browsing secret. At least that's the idea...
One gamer and unashamed porn consumer found that his X-rated browsing sessions were exposed by Diablo III. Running the game on his Mac, Evan Andersen found that cached images from his Incognito browsing sessions were displayed as the RPG title loaded. He managed to grab screenshots of the bug in action, and even went as far as writing a program to show what's happening.
Evan has shared details of his surprise on his blog. It's not exactly a new problem, and he submitted a bug report to Google and to Nvidia quite some time ago -- but two years on, the problem still exists. Evan concedes that the bug is not one that could be easily exploited as it is somewhat unreliable but says that "it is a problem for anyone expecting incognito mode to hide their browsing on a shared computer".
Evan says:
So how did this happen? A bug in Nvidia's GPU drivers. GPU memory is not erased before giving it to an application. This allows the contents of one application to leak into another. When the Chrome incognito window was closed, its framebuffer was added to the pool of free GPU memory, but it was not erased. When Diablo requested a framebuffer of its own, Nvidia offered up the one previously used by Chrome. Since it wasn't erased, it still contained the previous contents. Since Diablo doesn't clear the buffer itself (as it should), the old incognito window was put on the screen again.
In the interest of reproducing the bug, I wrote a program to scan GPU memory for non-zero pixels. It was able to reproduce a reddit page I had closed on another user account a few minutes ago, pixel perfect.
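The failure chain Evan describes has two independent fixes: the driver can zero a buffer when it returns to the free pool, or the application can clear a buffer before drawing into it (the glClear step the quote says Diablo skips). The following model is an added example, not Evan's scanner nor any driver or game code: a hypothetical single-slot "free pool" in C shows a leak from one owner to the next and a check that counts surviving pixels under each fix.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of a driver's recycled-framebuffer pool with one slot.
 * Constructed for illustration; it is not Nvidia's, Chrome's or Blizzard's code. */
#define FB_PIXELS 16
static uint32_t pool_slot[FB_PIXELS];   /* the "GPU memory" a freed buffer returns to */

static uint32_t *driver_alloc(void) { return pool_slot; }

/* zero_on_free = 0 reproduces the described bug; 1 is the driver-side fix. */
static void driver_free(uint32_t *fb, int zero_on_free) {
    if (zero_on_free) memset(fb, 0, sizeof pool_slot);
}

/* Count pixels that still carry the previous owner's contents. */
int leaked_pixels(const uint32_t *fb) {
    int n = 0;
    for (int i = 0; i < FB_PIXELS; i++)
        if (fb[i] != 0) n++;
    return n;
}

/* App A draws and releases its framebuffer; app B allocates and reads the
 * buffer it was handed before drawing anything of its own. */
int simulate(int zero_on_free, int app_clears_on_acquire) {
    memset(pool_slot, 0, sizeof pool_slot);          /* fresh GPU memory */
    uint32_t *a = driver_alloc();
    for (int i = 0; i < FB_PIXELS; i++)
        a[i] = 0xFF112233u;                          /* app A's (private) page pixels */
    driver_free(a, zero_on_free);
    uint32_t *b = driver_alloc();                    /* app B gets the same slot back */
    if (app_clears_on_acquire)
        memset(b, 0, sizeof pool_slot);              /* the glClear the game should do */
    return leaked_pixels(b);
}

int main(void) {
    printf("buggy driver, app does not clear: %d leaked pixels\n", simulate(0, 0));
    printf("driver zeroes on free:            %d leaked pixels\n", simulate(1, 0));
    printf("app clears on acquire:            %d leaked pixels\n", simulate(0, 1));
    return 0;
}
```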
Accusatory fingers are pointing multiple directions here. Should blame be laid at the feet of Diablo III developers, Blizzard? Is it Nvidia's fault for having drivers that do not properly wipe GPU memory? Or is it Google's fault for not properly sandboxing Incognito sessions?
What's Google's take on it? On the Chromium blog, the response is less than heartening for those with privacy concerns:
Incognito does not provide guarantees for hiding browsing on a shared computer. (Someone who could see the shared memory could also install a keylogger, etc. on your computer.)
Comments on Evan's blog post indicate that he is not alone in experiencing the problem, with some people indicating that they have had similar issues in Safari for iPad.
What this does highlight is the fact that private browsing sessions might not be anywhere near as private as you might hope.
Photo credit: nikitabuida / Shutterstock