Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

Brave reports as vulnerable to spectre on test site #12570

Closed
g33xter opened this issue Jan 9, 2018 · 8 comments
Closed

Brave reports as vulnerable to spectre on test site #12570

g33xter opened this issue Jan 9, 2018 · 8 comments

Comments

@g33xter
Copy link

g33xter commented Jan 9, 2018

Test plan

#12577 (comment)


I'm using Brave 0.19.131 & checked the new security feature which is related to Spectre & Meltdown vulnerability. So, I tried using this http://xlab.tencent.com/special/spectre/spectre_check.html, it's saying it's vulnerable for Spectre. Check the Screenshot. I'm using macOS Sierra.

screen shot 2018-01-09 at 03 25 33

@srirambv
Copy link
Collaborator

srirambv commented Jan 9, 2018

cc: @diracdeltas
Same on Chrome for reference
image

@g33xter
Copy link
Author

g33xter commented Jan 9, 2018

You need to enable manually, I guess. use this link chrome://flags/#enable-site-per-process.
screen shot 2018-01-09 at 04 19 04
I don't have any issues with Chrome/Firefox/Safari, they are not vulnerable on newer updates.

@srirambv
Copy link
Collaborator

srirambv commented Jan 9, 2018

Thanks for the confirmation @g33xter

@diracdeltas
Copy link
Member

Strict Site isolation only mitigates against Spectre by enhancing separation between iframes and the parent context. It does not prevent Spectre if the parent context is trying to use the attack against you. According to @jumde, we will need to disable SharedArrayBuffer in order to appear as "not vulnerable" according to this test.

@diracdeltas diracdeltas changed the title Strict Site Isolation not working Brave reports as vulnerable to spectre on test site Jan 9, 2018
@diracdeltas diracdeltas added this to the 0.19.x Hotfix 12 milestone Jan 9, 2018
diracdeltas added a commit that referenced this issue Jan 9, 2018
Fix #12570

Test Plan:
1. Enable 'Strict Site Isolation' in about:preferences#security, then restart
2. Go to http://xlab.tencent.com/special/spectre/spectre_check.html
3. Click the button to check your browser. It should report as not vulnerable.
@srirambv
Copy link
Collaborator

Works on Windows
image

@srirambv
Copy link
Collaborator

Worked on Linux as well
image

@LaurenWags
Copy link
Member

MacOS using 0.19.132:
screen shot 2018-01-11 at 9 09 20 am

@g33xter
Copy link
Author

g33xter commented Jan 11, 2018

@diracdeltas thanks for clarifying.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.