> isn't the main threat rather data leakage or even manipulation of data?
The (IMO fatally flawed) premise here is that the security boundaries enforced by the GPU hardware and driver stack would prevent that. Thus the worst case scenario is a DoS since GPUs somehow still don't seem to be very good at sharing hardware resources in scenarios that involve uncooperative parties.
Note that even without GPGPU workloads there's still the obvious exfiltration target of "framebuffer containing unlocked password manager".
The (IMO fatally flawed) premise here is that the security boundaries enforced by the GPU hardware and driver stack would prevent that. Thus the worst case scenario is a DoS since GPUs somehow still don't seem to be very good at sharing hardware resources in scenarios that involve uncooperative parties.
Note that even without GPGPU workloads there's still the obvious exfiltration target of "framebuffer containing unlocked password manager".