Comment by Aurornis

20 hours ago

I’m skeptical of these side channel attacks that rely on training a neural network on specific controlled scenarios on controlled hardware. I believe that with enough time and effort and the perfect circumstances where the user is only visiting their website and doing one other thing that the network was trained on it can match.

It does not seem useful as a general purpose side channel vector.

4 comments

Aurornis

1970-01-01 4 hours ago

Publish or perish. It worked once, in a controlled lab, mostly (80-90% guess). Good enough for more millions in funding..

Not really joking here.

https://hannesweissteiner.com/

https://hannesweissteiner.com/publications/frost/

hansvm 19 hours ago

It depends what you mean by "general purpose." First, these things generalize more often than you'd expect. Second, even in the absence of generalization they're still useful for, e.g., fingerprinting activities to manufacture a unique ID where non previously existed.

Aurornis 13 hours ago

The paper isn’t describing a unique ID fingerprint. It’s looking for specific activity patterns to match against training data of running specific commands on specific hardware.

ramenat2am 18 hours ago

That's basically just a research, theoretical attack vector. It doesn't mean it's viable for general purpose old school mass privacy invasion