幹壞事是進步最大的原動力
Google 的 Project Zero 實做 Rowhammer Bug:「Exploiting the DRAM rowhammer bug to gain kernel privileges」。
開頭就很科幻:
“Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows.
然後就提到實做了:
We tested a selection of laptops and found that a subset of them exhibited the problem. We built two working privilege escalation exploits that use this effect.
給出了 NaCl sandbox escape 與 Kernel privilege escalation 兩種方式。
這頭快炸了...
在之前受到批評後,Google 的 Project Zero 修正了對應的 Policy:「Feedback and data-driven updates to Google’s disclosure policy」。
原先的 Policy 是 90 天強制公開,修正的 Policy 有幾個改善:
把圖片上的文字辨識直接做成 Google Chrome 的延伸套件,預設就辨識好後讓你可以直接選取:「Project Naptha」。
這是官方提供的範例:
一張含有文字的圖片可以直接 OCR 出來變成文字選擇。
官方網站上有說,這是 client-side javascript:
One of the more impressive things about this project is the fact that it's almost entirely written in client side javascript. That means that it's pretty much totally functional without access to a remote server.
不過預設會傳回去,但可以關掉:
By default, when you begin selecting text, it sends a secure HTTPS request which lacks any kind of identifiable information to the Project Naptha cached remote OCR and Translation service. This allows you to recognize text from an image with much more accuracy than otherwise possible. However, this can be disabled simply by checking the "Disable Lookup" item under the Options menu.
也就是這個選項:
這功能好讚...