Disk encryption can be bypassed with cold boot attacks that obtain decryption keys. Solutions are:
- TPM + BitLocker + Enhanced PIN
- VeraCrypt + VeraCrypt's encryption of disk decryption keys stored in RAM
- AMD's full RAM encryption
- Intel's planned full RAM encryption for future CPUs
Information stored in VRAM, such as viewed/unhidden passwords/keys, can also be extracted from that VRAM. Does NVidia (or AMD) plan on allowing users to encrypt VRAM in the future? Is there a way to purge/clean VRAM? I guess running benchmarks/games with heavy VRAM consumption can help clear some VRAM from past data, but that is not a secure solution. RAM encryption barely affects performance with AMD CPUs. I assume it wouldn't affect GPU performance significantly, and if optional, then I don't see why someone would complain about the introduction of such a feature.
I doubt information is stored in VRAM. The user always sees the active frame buffer - whatever he does at the moment. So when the user enters a password in some app he sees the active frame buffer, but when the user leaves the app's screen where he entered the password, the active frame buffer shows the current screen - without the password, so the screen with the password was erased/preempted by the new current screen. I mean the screen image is not a 3D object like a shader; it does not need to be loaded into VRAM for later usage.
Vulnerable information can be obtained from VRAM and GPU cache: https://security.stackexchange.com/questions/177049/spectre-meltdown-on-a-gpu
It's not; copy-paste had the wrong URL. https://scholarworks.uark.edu/cgi/viewcontent.cgi?article=1103&context=csceuht TL;DR: VRAM isn't zeroed between memory operations because it would impair performance to a degree, so malicious software can look through it for sensitive data.
Maybe the framebuffer? Your desktop for example, or parts of your desktop while you're logged in to your bank account with your browser and your sensitive information visible. Just guessing.
That's my guess too. But (1) the framebuffer exists in RAM too, (2) a password is usually displayed as '*' characters, (3) the time you look at the screen with the bank account (for example) is limited, (4) people moved to smartphones and apps for smartphones, (5) a screenshot is much harder to analyze compared to textual information (which can be obtained from the browser, from the network stack, from a phishing site, etc.).
This copy was eliminated for D2D/D3D(DXGI), it might still be there for GDI though, which is what you would get if you disabled hardware acceleration in the app.
What do you mean? The CPU builds the framebuffer in RAM and then - with a flip - it is copied to VRAM. That's my understanding. You imply that the CPU builds the framebuffer right in VRAM, right?
The CPU prepares commands, the GPU builds the framebuffer based on those commands. It's why EFB read/write mechanics are so hard to get right in emulators.
Encrypting VRAM won't protect against pixel stealing. A new side-channel vulnerability affecting all GPU vendors may deliver private information to malicious websites without user consent. According to research hailing from the University of Texas at Austin, the new vulnerability has been shown to allow for the recovery of private, sensitive information such as usernames, passwords, and other elements. The scope of the vulnerability is so severe that it allows malicious websites to reconstruct the GPU-generated pixel rendering of another website (and the credentials used to access it). The researchers say the overall threat from the attack is low but that it is important that companies work to mitigate the issue in hardware and software... https://www.tomshardware.com/news/p...s-vulnerable-to-pixel-stealing-gpu-zip-attack