Artifact - Hidden in Plain Sight: Scriptless Microarchitectural Attacks via TrueType Font Hinting
This repository contains the artifact for our paper "Hidden in Plain Sight: Scriptless Microarchitectural Attacks via TrueType Font Hinting" published at uASC 2025. The paper is available here.
The paper introduces a new type of scriptless microarchitectural attack that leverages TrueType font hinting instructions. The authors demonstrate that these attacks can perform cache contention and targetted L1 cache probing. We showcase the capabilities on a website fingerprinting attack, and a demonstration that tracks which page of a PDF is displayed.
- Python 3.12+ and
pip - Linux for the L1 cache components (
perf_event_open) - The website fingerprinting components work cross-platform
The repository is structured as follows:
hinting-test/: Contains code for testing if TrueType hinting is enabled in the browser.l1cache/: Contains code for the L1 cache probing attack.website-fingerprinting/: Contains code for the website fingerprinting attack.
This repository is for educational purposes only. The authors do not take any responsibility for the misuse of the information provided in this repository. Do not run the code on devices you do not own or have permission to modify. We are not responsible for any damage caused by the use of the code in this repository.