Bug 191393 - [iOS] WebGL leaks exact GPU type
Summary: [iOS] WebGL leaks exact GPU type
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Dean Jackson
Keywords: InRadar
Reported: 2018-11-07 12:50 PST by Dean Jackson
Modified: 2018-11-07 15:48 PST

Attachments
Patch (7.45 KB, patch)
2018-11-07 12:56 PST, Dean Jackson
thorton: review+

Description Dean Jackson 2018-11-07 12:50:16 PST
[iOS] WebGL leaks exact GPU type
Comment 1 Dean Jackson 2018-11-07 12:50:47 PST
<rdar://problem/45788297>
Comment 2 Dean Jackson 2018-11-07 12:51:13 PST
From the radar:

WebKit

Per https://dieulot.fr/idevice, it's possible to get the exact GPU model via JavaScript. This can be combined with other techniques to fingerprint users (a privacy concern).

Is there any reason for websites to have access to this information? Could this string simply return "Apple GPU"?
Comment 3 Dean Jackson 2018-11-07 12:56:15 PST
Created attachment 354132 [details]
Patch
Comment 4 Dean Jackson 2018-11-07 13:13:20 PST
Committed r237940: <https://trac.webkit.org/changeset/237940>
Comment 5 Jon Lee 2018-11-07 13:27:24 PST
Is there a reason we are only doing this for iOS?
Comment 6 Brent Fulgham 2018-11-07 13:31:39 PST
(In reply to Jon Lee from comment #5)
> Is there a reason we are only doing this for iOS?

I think that title is wrong -- the change should apply to desktop as well.
Comment 7 Tim Horton 2018-11-07 13:35:42 PST
(In reply to Brent Fulgham from comment #6)
> (In reply to Jon Lee from comment #5)
> > Is there a reason we are only doing this for iOS?
> 
> I think that title is wrong -- the change should apply to desktop as well.

The title and the code change agree. But perhaps you mean the code change should go further?
Comment 8 Brent Fulgham 2018-11-07 13:57:45 PST
(In reply to Tim Horton from comment #7)
> (In reply to Brent Fulgham from comment #6)
> > (In reply to Jon Lee from comment #5)
> > > Is there a reason we are only doing this for iOS?
> > 
> > I think that title is wrong -- the change should apply to desktop as well.
> 
> The title and the code change agree. But perhaps you mean the code change
> should go further?

Oh -- I see. This is about "case WebGLDebugRendererInfo::UNMASKED_RENDERER_WEBGL:"

Under what circumstances is that active? Does the user need to take any particular action on a macOS system for such a value to be anything beside the default setting for all macOS builds?

It seems like this might be an issue if you installed debug frameworks of some kind, but not for normal macOS users. Is that accurate? Or are there other things that might cause this to produce an interesting value?
Comment 9 Tim Horton 2018-11-07 14:04:25 PST
(In reply to Brent Fulgham from comment #8)
> (In reply to Tim Horton from comment #7)
> > (In reply to Brent Fulgham from comment #6)
> > > (In reply to Jon Lee from comment #5)
> > > > Is there a reason we are only doing this for iOS?
> > > 
> > > I think that title is wrong -- the change should apply to desktop as well.
> > 
> > The title and the code change agree. But perhaps you mean the code change
> > should go further?
> 
> Oh -- I see. This is about "case
> WebGLDebugRendererInfo::UNMASKED_RENDERER_WEBGL:"
> 
> Under what circumstances is that active? Does the user need to take any
> particular action on a macOS system for such a value to be anything beside
> the default setting for all macOS builds?
> 
> It seems like this might be an issue if you installed debug frameworks of
> some kind, but not for normal macOS users. Is that accurate? Or are there
> other things that might cause this to produce an interesting value?

No no, the "Debug" there isn't about debug webkit, that's the name of the web exposed API.
Comment 10 Brent Fulgham 2018-11-07 14:06:51 PST
(In reply to Tim Horton from comment #9)
> (In reply to Brent Fulgham from comment #8)
> > (In reply to Tim Horton from comment #7)
> > > (In reply to Brent Fulgham from comment #6)
> > > > (In reply to Jon Lee from comment #5)
> > > > > Is there a reason we are only doing this for iOS?
> > > > 
> > > > I think that title is wrong -- the change should apply to desktop as well.
> > > 
> > > The title and the code change agree. But perhaps you mean the code change
> > > should go further?
> > 
> > Oh -- I see. This is about "case
> > WebGLDebugRendererInfo::UNMASKED_RENDERER_WEBGL:"
> > 
> > Under what circumstances is that active? Does the user need to take any
> > particular action on a macOS system for such a value to be anything beside
> > the default setting for all macOS builds?
> > 
> > It seems like this might be an issue if you installed debug frameworks of
> > some kind, but not for normal macOS users. Is that accurate? Or are there
> > other things that might cause this to produce an interesting value?
> 
> No no, the "Debug" there isn't about debug webkit, that's the name of the
> web exposed API.

Yikes! Then this change is totally needed on macOS. Jon was right!
Comment 11 Dean Jackson 2018-11-07 15:48:19 PST
(In reply to Brent Fulgham from comment #10)

> Yikes! Then this change is totally needed on macOS. Jon was right!

I'm not so sure. We've been shipping like this for years now.

It was originally put in to allow Google Maps to better tailor their experience to particular GPUs. They unofficially told me that it was more useful on Windows, which has a wide range of hardware. However, there are people using it for macOS.

I wouldn't have changed it for iOS except that there really shouldn't be any difference in iOS GPUs other than performance.
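
Added example, not part of the bug thread and not the committed WebKit patch: a check for whether a WebGL context still hands pages a specific renderer string through the web-exposed `WEBGL_debug_renderer_info` API discussed in comments 2 and 9, next to a page-level wrapper that returns the generic "Apple GPU" value proposed in comment 2. The function names, the fake context and its sample strings are constructed for illustration; only the extension name and its two enum values come from the WebGL extension itself.

```javascript
// Enum values defined by the WEBGL_debug_renderer_info extension.
const UNMASKED_VENDOR_WEBGL = 0x9245;
const UNMASKED_RENDERER_WEBGL = 0x9246;
const GENERIC_RENDERER = "Apple GPU"; // generic value proposed in comment 2

// Audit: does this context return anything other than the generic string?
function auditRenderer(gl, generic = GENERIC_RENDERER) {
  const ext = gl.getExtension("WEBGL_debug_renderer_info");
  if (!ext) return { leaks: false, via: "extension absent", value: null };
  const value = gl.getParameter(ext.UNMASKED_RENDERER_WEBGL);
  return { leaks: value !== generic, via: "UNMASKED_RENDERER_WEBGL", value };
}

// Mitigation sketch (hypothetical helper): wrap a context so that only the
// renderer query is rewritten; every other call passes through unchanged.
function maskRenderer(gl, generic = GENERIC_RENDERER) {
  return new Proxy(gl, {
    get(target, prop) {
      if (prop === "getParameter") {
        return (pname) =>
          pname === UNMASKED_RENDERER_WEBGL ? generic : target.getParameter(pname);
      }
      const member = target[prop];
      // Bind methods to the real context so host objects keep their `this`.
      return typeof member === "function" ? member.bind(target) : member;
    },
  });
}

// Constructed stand-in for a WebGL context so the example runs outside a browser.
function makeFakeContext(renderer) {
  const params = new Map([
    [UNMASKED_VENDOR_WEBGL, "Example Vendor (constructed)"],
    [UNMASKED_RENDERER_WEBGL, renderer],
  ]);
  return {
    getExtension: (name) =>
      name === "WEBGL_debug_renderer_info"
        ? { UNMASKED_VENDOR_WEBGL, UNMASKED_RENDERER_WEBGL }
        : null,
    getParameter: (pname) => params.get(pname) ?? null,
  };
}

const raw = makeFakeContext("Example GPU Model 1234 (constructed)");
console.log(auditRenderer(raw));               // specific model string is visible
console.log(auditRenderer(maskRenderer(raw))); // only the generic string is visible
```

In a browser, `auditRenderer` can be pointed at a real context from `canvas.getContext("webgl")` to confirm what a given build exposes.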