We present the first micro-architectural side-channel attack which runs entirely in the browser. In contrast to other works in this genre, this attack does not require the attacker to install any software on the victim’s machine – to facilitate the attack, the victim needs only to browse to an untrusted webpage with attacker-controlled content. This makes the attack model highly scalable and extremely relevant and practical to today’s web, especially since most desktop browsers currently accessing the Internet are vulnerable to this attack. Our attack, which is an extension of the last-level cache attacks of Yarom et al. , allows a remote adversary recover information belonging to other processes, other users and even other virtual machines running on the same physical host as the victim web browser. We describe the fundamentals behind our attack, evaluate its performance using a high bandwidth covert channel and finally use it to construct a system-wide mouse/network activity logger. Defending against this attack is possible, but the required counter-measures can exact an impractical cost on other benign uses of the web browser and of the computer.
Nothing is safe.
I run Linux at home and at work and i don't get bothered by having to enter my password all the time, only when installing software. Which is how it should be. I can develop and compile stuff fine in my home directory, of course. But even on Windows it is recommended to have a separate admin account and not use it all the time, because malicious software can install itself without permission. Forcing users to enter a password before software can access system folders is a Very Good Idea no matter how annoying you might find it.