This may frighten Chrome on Mac users. A report by Evan Andersen who is an engineering student at Toronto University. He apparently discovered a bug that affects Nvidia graphic cards. He made his finding known on his blog which has attracted comments from different circles. The bug works by taking screen shots of your “Incognito” browsing. I don’t need to tell you how much damage can be caused by this especially when you’re not the only user of the computer in question.
After surfing a pornographic site apparently, he decided to launch the game Diablo III on the same computer he had used to access the site in Chrome Incognito mode which was when he discovered this. In his report, Evan described it “like a scene from hollywood, the game temporarily froze as it launched, preventing any attempt to clear the screen. The game unfroze just before clearing the screen, and I was able to grab a screenshot (censored with bright red):
Venture Beats had contacted Nvidia which said through a spokesperson that “this issue is related to memory management in the Apple OS, not NVIDIA graphics drivers,”. “The NVIDIA driver adheres to policies set by the operating system and our driver is working as expected. We have not seen this issue on Windows, where all application-specific data is cleared before memory is released to other applications.” Nvidia has made this an Apple Mac OS X problem by releasing this statement.
On the security side though, Evan sees this as a serious problem as it breaks the operating system’s boundaries by allowing non-root users to spy on each other. Additionally, it doesn’t need to be specifically exploited to harm users – it can happen purely by accident. Anyone using a shared computer could be exposing anything displayed on their screen to other users of the computer.
At the time of this report, it doesn’t look like Apple or Nvidia have fixed this bug according to this blog. Over to you, Nvidia, Google and Apple.