Comment by nh2
7 months ago
Curious if the same technique would also work on Wayland, given one of its design goals is higher cross-app security compared to Xorg.
7 months ago
Curious if the same technique would also work on Wayland, given one of its design goals is higher cross-app security compared to Xorg.
This attack seems to be explicitly exploiting the Android rendering pipeline through a side-channel.
Wayland, once hardened with security-context doesn't directly expose anything worrying (clipboard stealing is possible but would require window focus or the generation of a window which grabs focus). It remains to be seen if there are side-channels hiding somewhere in it or in the various GPU stacks.