DOCSLIB.ORG

Browser Performance and Security After NPAPI

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Browser Performance and Security After NPAPI Tufts University Introduction to Computer Security COMP 116 Browser Performance and Security After NPAPI Author: Mentor: Sunjay Bhatia Ming Chow December 12, 2014 Contents 1 1contentsIntroduction 2 1.1 Origins of NPAPI . 2 1.2 Recent Developments . 2 2 To the Community 2 2.1 NPAPI Security Risks Due to Implementation . 2 2.2 NPAPI Security Risks Due to Features/Usage . 3 3 Defenses 4 3.1 Google’s Native Client . 4 3.2 asm.js . 5 4 Summary 6 5 Supporting Material 6 6 References 7 The Netscape Plugin Application Programming Interface (NPAPI), a cross- browserabstract API for plugins, is being phased out by Google and Mozilla, re- sulting in a new era for native code integration with the browser. NPAPI plugins are useful in providing increased performance and access to native operating system features but are also notorious for exposing security holes. This paper will attempt to give background on the problems that NPAPI plugins can cause and the benefits of no longer supporting this technology as we strive to move toward a more secure web. This paper will also give examples of newer technologies and the pros and cons of where the state of the art is headed, namely Google’s Portable Native Client (PNaCl, pro- nounced "pinnacle") and even asm.js. introduction 2 1 introduction With1.1 Origins the release of NPAPI of the Navigator browser by Netscape in 1994, user interac- tion with the web was becoming an important direction with which software manufacturers were taking their efforts. In particular, Adobe were hopeful that their PDF file format and reader would be able to be integrated with the web browser and not only be confined to the desktop. Shortly after the re- lease of Navigator, Allan Padgett, one of the authors of the Acrobat Reader, and others were able to actually reverse engineer the browser and leverage the power of rendering a PDF within the browser window[7]. This could have simply stopped there, but "Allan’s Hack" was instead transformed into a extensible plugin interface that allowed developers to effectively extend the web and and utilize the functionality and power of the host computer. The1.2 useRecent of NPAPI Developments has grown exponentially, with developers and large com- panies alike developing plugins for the web to take advantage of what the interface to the host computer provides them. The web has changed and become quite dynamic since the early days, and NPAPI has definitely been a large part of that growth. Even with the widespread use of NPAPI, on September 23, 2013, the Chromium project announced the phasing out of this technology from the Chrome and Chromium browsers[2]. No new ap- plications or extensions will be allowed in the Chrome webstore and users can only use plugins that have been whitelisted (because they are so widely used). In addition, Mozilla announced that they would eliminate support for these plugins. This does not come as a surprise to most security pro- fessionals, as there have been glaring holes in the NPAPI security model and implementation that have never been fully addressed. Removing the whole NPAPI infrastructure, though it is flawed, would definitely set web technology back quite a ways. Google and Mozilla however both are champi- oning their own solutions for replacing NPAPI with potentially more secure Portable Native Client and asm.js respectively. 2 to the community 2.1NPAPINPAPI plugins Security are notoriously Risks Due dangerous to Implementation because they have essentially "un- restricted" access to the local machine. Plugins are allowed to run native machine instructions with the same permissions as the host process (the browser). The implementation model allows these plugins to access fea- tures of the host machine in an unsupervised manner, which can be risky in many ways. If the permissions of the host process are sufficiently broad, [3] a malicious plugin would be able to take advantage .to If thethere community are security 3 vulnerabilities in a plugin because of badly written code, attackers can eas- ily use them to install malicious software on a host computer completely silently without any knowledge to the user. This is especially prevalent be- cause of the implementation language, C/C++ and the penchant developers have for not managing memory properly. Buffer overflow exploits should not be as big of an issue as they still are (because it seems like a "solved" problem), however NPAPI plugins still allow this attack vector to be open. Browser technology has improved greatly over the years and browsers are faster and safer than when NPAPI was originally designed and developed in the 1990s[2]. As a result, the NPAPI model is not up to date and the ben- efits of performance that we were able to champion in the past have been severely diminished. NPAPI "has become a leading cause of hangs, crashes, security incidents, and code complexity"[3]. 2.2NPAPINPAPI plugin Security interfaces Risks to Due the userto Features/Usage have clear flaws that introduce further security risks. The concept of the "Click to Play" plugin was introduced as a security measure in order for the user to determine when they wanted plugins to be used[7]. This is a flawed system because it relies on the user to to be savvy about the plugins they are using and only trusting safe plugins. The majority of users of the web are not able, and should not be made to make this distinction. Old and out of date plugins are not as a rule blocked and this poses another huge threat to security. We definitely do not want outdated code running unrestricted on our host computers. Figure 1: Example of "Click to Play" in Firefox As expected, the continued allowance of by Google and others of whitelisted plugins of course comes at somewhat of a risk. Users and administrators need to be aware that their plugins are potentially dangerous or vulnerable even if they are useful. In the short term this seems like an adequate stop- gap, but the whole NPAPI infrastructure does need to be removed to ensure long term safety. defenses 4 It is not all doom and gloom in the web plugin space. There have been advances3 defenses in recent years to bring more security and even more performance to browser plugins and the best of the bunch manifest themselves in the following solutions. 3.1PNaClGoogle’s (pronounced Native "pinnacle") Client is Google’s attempt at leading us away from the plugin model while still preserving performance. PNaCl allows develop- ers to utilied the power of the host operating system, but in a fundamentally different way from NPAPI. Figure 2: Diagram of PNaCl and NaCl architecture Only trusted system calls are allowed to access the native featuresdefenses and 5 native code does not run in any sort of privileged state. The native C/C++ code must be essentially "vetted" by the sandboxing mechanism implemented in Chrome[4]. The general model can be seen in Figure 2. C/C++ code is written and compiled by the PNaCl toolchain. This toolchain compiles the code in a portable intermediate format that allows the code to be packaged and available to be distributed in Googles .pexe format[5]. The binary for- mat is based on LLVM. The code is packaged as a resource and sent along with a web request. Chrome is able to verify the code as trusted, compile it to architecture specific code, and run it in the "sandbox" that it allocates for it. If the code is modified at runtime as part of a JIT compiling process, the code is run in a more secure "untrusted" sandbox and is restricted to what it can do. This model has stood up to rigorous testing and security review and the sandbox and static code validators can actually proved to be correct and safe which is a major win for this technology[4]. There are many existing applications and browser extensions that use NaCl (the less portable but more performant version of this technology) and PNaCl is an exciting direction for the web because it improves upon the portability as well as performance of existing plugins and code can be easily transformed to fit this model and format. The sandboxing model is one that that is very important to computer secu- rity as whole, not just in relation to browser applications. The paradigm that has been quite successfully implemented in PNaCl, of running untrusted code in a sandbox is a very difficult one to implement, but has also been used in Google’s Chrome OS. Android implements a version of this to an extent as well. 3.2asm.jsasm.js by Mozilla, on the other hand, is a subset of Javascript that is used primarily to improve performance of web applications written in statically typed languages that are then run through a source to source compiler and translated to Javascript[1]. C/C++ code is converted to LLVM bitcode. Mozilla’s Emscripten engine turns these bitcodes to JavaScript. The asm.js virtual machine has its whole virtual memory layout in a JavaScript typed array[1]. While the asm.js security model is not quite mature as of yet and has not been optimized, some features it introduces are quite helpful. Figure 3: asm.js model Translating unmanaged languages like C and C++ to Javascriptsummary already 6 solves issues of memory corruption and there are many other ways asm.js can help with security of these sorts of applications. If code had a buffer overflow vulnerability, once it is converted to Javascript and running in the asm.js virtual machine there are runtime checks that are built in to trigger exceptions and not allow any malicious behavior.
Load more

Recommended publications
  • On the Uniqueness of Browser Extensions and Web Logins
    To Extend or not to Extend: on the Uniqueness of Browser Extensions and Web Logins Gábor György Gulyás Dolière Francis Somé INRIA INRIA [email protected] [email protected] Nataliia Bielova Claude Castelluccia INRIA INRIA [email protected] [email protected] ABSTRACT shown that a user’s browser has a number of “physical” charac- Recent works showed that websites can detect browser extensions teristics that can be used to uniquely identify her browser and that users install and websites they are logged into. This poses sig- hence to track it across the Web. Fingerprinting of users’ devices is nificant privacy risks, since extensions and Web logins that reflect similar to physical biometric traits of people, where only physical user’s behavior, can be used to uniquely identify users on the Web. characteristics are studied. This paper reports on the first large-scale behavioral uniqueness Similar to previous demonstrations of user uniqueness based on study based on 16,393 users who visited our website. We test and their behavior [23, 50], behavioral characteristics, such as browser detect the presence of 16,743 Chrome extensions, covering 28% settings and the way people use their browsers can also help to of all free Chrome extensions. We also detect whether the user is uniquely identify Web users. For example, a user installs web connected to 60 different websites. browser extensions she prefers, such as AdBlock [1], LastPass [14] We analyze how unique users are based on their behavior, and find or Ghostery [8] to enrich her Web experience. Also, while brows- out that 54.86% of users that have installed at least one detectable ing the Web, she logs into her favorite social networks, such as extension are unique; 19.53% of users are unique among those who Gmail [13], Facebook [7] or LinkedIn [15].
    [Show full text]
  • Cisco Telepresence Management Suite 15.13.1
    Cisco TelePresence Management Suite 15.13.1 Software Release Notes First Published: June 2021 Cisco Systems, Inc. www.cisco.com 1 Contents Preface 3 Change History 3 Product Documentation 3 New Features in 15.13.1 3 Support for Cisco Meeting Server SIP recorder in Cisco TMS 3 Support for Cisco Webex Desk Limited Edition 3 Webex Room Panorama series to support 20000 kbps Bandwidth 3 Features in Previous Releases 3 Resolved and Open Issues 4 Limitations 4 Interoperability 8 Upgrading to 15.13.1 8 Before You Upgrade 8 Redundant Deployments 8 Upgrading from 14.4 or 14.4.1 8 Upgrading From a Version Earlier than 14.2 8 Prerequisites and Software Dependencies 8 Upgrade Instructions 8 Using the Bug Search Tool 9 Obtaining Documentation and Submitting a Service Request 9 Cisco Legal Information 10 Cisco Trademark 10 Cisco Systems, Inc. www.cisco.com 2 Cisco TelePresence Management Suite Software Release Notes Preface Change History Table 1 Software Release Notes Change History Date Change Reason June 2021 Release of Software Cisco TMS 15.13.1 Product Documentation The following documents provide guidance on installation, initial configuration, and operation of the product: ■ Cisco TelePresence Management Suite Installation and Upgrade Guide ■ Cisco TelePresence Management Suite Administrator Guide ■ Cisco TMS Extensions Deployment Guides New Features in 15.13.1 Support for Cisco Meeting Server SIP recorder in Cisco TMS Cisco TMS currently supports Cisco Meeting Server recording with XMPP by default. As XMPP is deprecated from Meeting Server 3.0 onwards, it will only support SIP recorder. For such Cisco Meeting Server with SIP recorder, the valid SIP Recorder URI details must be provided in Cisco TMS.
    [Show full text]
  • Plugin to Run Oracle Forms in Chrome
    Plugin To Run Oracle Forms In Chrome Emmott deuterate prenatal. Ataxic Clarance ambuscades: he tinkles his lairdships phonetically and occupationally. Slovenian and electrifying Ishmael often shuns some peregrination transversally or clapping competently. Desupport of Java Applet Plugin is my Forms Application at. Good Riddance to Oracle's Java Plugin Krebs on Security. Support the the java plug-in used to friend these applications ends with this version of Firefox. Oracle Forms Browser Alternatives DOAG. Note Chrome is not supported for Oracle Formsbased EBS applications Supported Java plug-ins also differ according to the operating system great well as. Configure browser to favor the Adobe PDF plug-in and open. Many recent browser versions include their particular native PDF plug-ins that automatically. Similar to Chrome Firefox will drop support must all NPAPI plugins such as. Oracle Forms 12c version can apology be used without a browser while still keeping the native appearance of the application Either JDK or Java Plugin JRE has not be installed on the client PC An inn of inventory to trigger this answer of configuration can blood found love the Forms web configuration file formsweb. Ui objects in the new row is not only one of the following parmaments in to determine whether you never supported. Why need use Google Chrome for Oracle APEX Grassroots Oracle. How something I run Oracle Forms 11g locally? After you download the crx file for ThinForms 152 open Chrome's. So her whole application is a web based login and stealth launch Java J-initiator. The location for npapi will not clear history page in apex competitors and chrome release and to run oracle forms in chrome, more of the application express file that they would prompt.
    [Show full text]
  • Effects and Opportunities of Native Code Extensions For
    Effects and Opportunities of Native Code Extensions for Computationally Demanding Web Applications DISSERTATION zur Erlangung des akademischen Grades Dr. Phil. im Fach Bibliotheks- und Informationswissenschaft eingereicht an der Philosophischen Fakultät I Humboldt-Universität zu Berlin von Dipl. Inform. Dennis Jarosch Präsident der Humboldt-Universität zu Berlin: Prof. Dr. Jan-Hendrik Olbertz Dekan der Philosophischen Fakultät I: Prof. Michael Seadle, Ph.D. Gutachter: 1. Prof. Dr. Robert Funk 2. Prof. Michael Seadle, Ph.D. eingereicht am: 28.10.2011 Tag der mündlichen Prüfung: 16.12.2011 Abstract The World Wide Web is amidst a transition from interactive websites to web applications. An increasing number of users perform their daily computing tasks entirely within the web browser — turning the Web into an important platform for application development. The Web as a platform, however, lacks the computational performance of native applications. This problem has motivated the inception of Microsoft Xax and Google Native Client (NaCl), two independent projects that fa- cilitate the development of native web applications. Native web applications allow the extension of conventional web applications with compiled native code, while maintaining operating system portability. This dissertation determines the bene- fits and drawbacks of native web applications. It also addresses the question how the performance of JavaScript web applications compares to that of native appli- cations and native web applications. Four application benchmarks are introduced that focus on different performance aspects: number crunching (serial and parallel), 3D graphics performance, and data processing. A performance analysis is under- taken in order to determine and compare the performance characteristics of native C applications, JavaScript web applications, and NaCl native web applications.
    [Show full text]
  • How to Change Your Browser Preferences So It Uses Acrobat Or Reader PDF Viewer
    How to change your browser preferences so it uses Acrobat or Reader PDF viewer. If you are unable to open the PDF version of the Emergency Action Plan, please use the instructions below to configure your settings for Firefox, Google Chrome, Apple Safari, Internet Explorer, and Microsoft Edge. Firefox on Windows 1. Choose Tools > Add-ons. 2. In the Add-ons Manager window, click the Plugins tab, then select Adobe Acrobat or Adobe Reader. 3. Choose an appropriate option in the drop-down list next to the name of the plug-in. 4. Always Activate sets the plug-in to open PDFs in the browser. 5. Ask to Activate prompts you to turn on the plug-in while opening PDFs in the browser. 6. Never Activate turns off the plug-in so it does not open PDFs in the browser. Select the Acrobat or Reader plugin in the Add-ons Manager. Firefox on Mac OS 1. Select Firefox. 2. Choose Preferences > Applications. 3. Select a relevant content type from the Content Type column. 4. Associate the content type with the application to open the PDF. For example, to use the Acrobat plug-in within the browser, choose Use Adobe Acrobat NPAPI Plug-in. Reviewed 2018 How to change your browser preferences so it uses Acrobat or Reader PDF viewer. Chrome 1. Open Chrome and select the three dots near the address bar 2. Click on Settings 3. Expand the Advanced settings menu at the bottom of the page 4. Under the Privacy and security, click on Content Settings 5. Find PDF documents and click on the arrow to expand the menu 6.
    [Show full text]
  • Security Analysis of Firefox Webextensions
    6.857: Computer and Network Security Due: May 16, 2018 Security Analysis of Firefox WebExtensions Srilaya Bhavaraju, Tara Smith, Benny Zhang srilayab, tsmith12, felicity Abstract With the deprecation of Legacy addons, Mozilla recently introduced the WebExtensions API for the development of Firefox browser extensions. WebExtensions was designed for cross-browser compatibility and in response to several issues in the legacy addon model. We performed a security analysis of the new WebExtensions model. The goal of this paper is to analyze how well WebExtensions responds to threats in the previous legacy model as well as identify any potential vulnerabilities in the new model. 1 Introduction Firefox release 57, otherwise known as Firefox Quantum, brings a large overhaul to the open-source web browser. Major changes with this release include the deprecation of its initial XUL/XPCOM/XBL extensions API to shift to its own WebExtensions API. This WebExtensions API is currently in use by both Google Chrome and Opera, but Firefox distinguishes itself with further restrictions and additional functionalities. Mozilla’s goals with the new extension API is to support cross-browser extension development, as well as offer greater security than the XPCOM API. Our goal in this paper is to analyze how well the WebExtensions model responds to the vulnerabilities present in legacy addons and discuss any potential vulnerabilities in the new model. We present the old security model of Firefox extensions and examine the new model by looking at the structure, permissions model, and extension review process. We then identify various threats and attacks that may occur or have occurred before moving onto recommendations.
    [Show full text]
  • Multi-File Course Files Upload Interface and Browsers Not Supporting NPAPI Plugins
    Multi-file Course Files Upload Interface and Browsers Not Supporting NPAPI Plugins Date Published: Mar 23,2017 Category: Product:Browsers_Learn; Version:X9_1 Article No.: 000073448 Product: Blackboard Learn Type:Support Bulletin Bulletin/Advisory Information: Update (Published March 23, 2017) Mozilla has removed Netscape Plugin Application Programming Interface (NPAPI) plugin support from Firefox beginning with version 52, which was released on March 7, 2017. Original Bulletin (Published August 26, 2015) In September 2015, Google Chrome will stop supporting NPAPI plugins. This includes the use of Java in the web browser. Before this date, it is possible to configure Chrome to allow this content; after this date, it will no longer be possible to use the multi-file drag-and-drop interface in Course Files or the Content Collection. The new Edge browser from Microsoft also does not support NPAPI plugins. Users wanting to access the multi-file upload interface should use a browser that supports NPAPI and a Java runtime environment. Blackboard will continue to support this interface, but only on supported web browsers that support NPAPI plugins. Chrome and Edge will continue to be supported browsers, but the multi-file upload interface in Course Files and the Content Collection will not be supported on these browsers. Another possible workaround is to use the the Multiple File Upload feature with in the Content Collection. Simply ZIP the needed files and then use the Upload Zip Package or Download Package function. Enter the Course > Click on Content Collection > Click on Course folder > Click on Upload > Select the function to upload the Zipped folder.
    [Show full text]
  • FAQ NPAPI for Website
    FAQ NPAPI Q: NPAPI is being de-supported by many browsers. What is Ellucian doing to support browsers going forward for Banner INB and Oracle Forms? As long as NPAPI is supported by a browser, we will continue to test and support our Banner Oracle Forms-based releases, including INB, on that browser. As long as the browser is supported by Oracle Forms and Reports 11gR2, we will continue to test and support our Banner Oracle Forms-based releases according to the supported configurations as documented by Oracle. All Banner XE applications (9.x versions) and all Banner transformed pages will be supported in current releases of Chrome, Firefox, Safari and MS Edge according to our published browser support policy. We will also continue to support IE 10 and 11 for Banner INB to allow customers to share a common browser across administrative applications. At this time, Banner INB will only be supported on IE 10 and IE 11 for as long as Microsoft continues to support this browser. Please refer to Microsoft’s Internet Explorer FAQ where Microsoft states: Internet Explorer 11 will be supported for the life of Windows 7, Windows 8.1, and Windows 10. Q: Will Ellucian support the Chrome browser for Oracle Forms-based applications? All Banner XE applications (9.x versions) and all Banner transformed pages will be supported in current releases of Chrome, Firefox, Safari and MS Edge according to our published browser support policy. As of Chrome version 45 (September 2015), the Google Chrome browser does not support NPAPI, which impacts plugins of all types, including Java, which is required for Banner INB.
    [Show full text]
  • Migrating from Java Applets to Plugin-Free Java Technologies
    Migrating from Java Applets to plugin-free Java technologies An Oracle White Paper January, 2016 Migrating from Java Applets to plugin-free Java technologies Migrating from Java Applets to plugin-free Java technologies Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. Migrating from Java Applets to plugin-free Java technologies Executive Overview ........................................................................... 4 Browser Plugin Perspectives ............................................................. 4 Java Web Start .................................................................................. 5 Alternatives ....................................................................................... 6 Native Windows/OS X/Linux Installers ........................................... 6 Inverted Browser Control ............................................................... 7 Detecting Applets .............................................................................. 7 Migrating from Java Applets to plugin-free Java technologies Executive Overview With modern browser vendors working to restrict or reduce the support of plugins like
    [Show full text]
  • An Analysis of Private Browsing Modes in Modern Browsers
    An Analysis of Private Browsing Modes in Modern Browsers Gaurav Aggarwal Elie Bursztein Collin Jackson Dan Boneh Stanford University CMU Stanford University Abstract Even within a single browser there are inconsistencies. We study the security and privacy of private browsing For example, in Firefox 3.6, cookies set in public mode modes recently added to all major browsers. We first pro- are not available to the web site while the browser is in pose a clean definition of the goals of private browsing private mode. However, passwords and SSL client cer- and survey its implementation in different browsers. We tificates stored in public mode are available while in pri- conduct a measurement study to determine how often it is vate mode. Since web sites can use the password man- used and on what categories of sites. Our results suggest ager as a crude cookie mechanism, the password policy that private browsing is used differently from how it is is inconsistent with the cookie policy. marketed. We then describe an automated technique for Browser plug-ins and extensions add considerable testing the security of private browsing modes and report complexity to private browsing. Even if a browser ad- on a few weaknesses found in the Firefox browser. Fi- equately implements private browsing, an extension can nally, we show that many popular browser extensions and completely undermine its privacy guarantees. In Sec- plugins undermine the security of private browsing. We tion 6.1 we show that many widely used extensions un- propose and experiment with a workable policy that lets dermine the goals of private browsing.
    [Show full text]
  • Lock-In-Pop: Securing Privileged Operating System Kernels By
    Lock-in-Pop: Securing Privileged Operating System Kernels by Keeping on the Beaten Path Yiwen Li, Brendan Dolan-Gavitt, Sam Weber, and Justin Cappos, New York University https://www.usenix.org/conference/atc17/technical-sessions/presentation/li-yiwen This paper is included in the Proceedings of the 2017 USENIX Annual Technical Conference (USENIX ATC ’17). July 12–14, 2017 • Santa Clara, CA, USA ISBN 978-1-931971-38-6 Open access to the Proceedings of the 2017 USENIX Annual Technical Conference is sponsored by USENIX. Lock-in-Pop: Securing Privileged Operating System Kernels by Keeping on the Beaten Path Yiwen Li Brendan Dolan-Gavitt Sam Weber Justin Cappos New York University Abstract code needed to run such a system increases the odds that Virtual machines (VMs) that try to isolate untrusted flaws will be present, and, in turn, that tens of millions code are widely used in practice. However, it is often of user machines could be at risk [25]. Furthermore, iso- possible to trigger zero-day flaws in the host Operating lation will not work if a malicious program can access System (OS) from inside of such virtualized systems. In even a small portion of the host OS’s kernel that contains this paper, we propose a new security metric showing a zero-day flaw [12]. Both of these drawbacks reveal the strong correlation between “popular paths” and kernel key underlying weakness in designing OSVM systems – vulnerabilities. We verify that the OS kernel paths ac- a lack of information as to which parts of the host kernel cessed by popular applications in everyday use contain can be safely exported to user programs.
    [Show full text]
  • Open Benchmark Alignment
    Benchmark Selection Guide, Vol. 1 Doing it Right Art Morgan Performance Engineer, Intel Corporation Spring 2015 Legal Disclaimers Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark* and MobileMark*, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more information go to http://www.intel.com/performance. Intel is a sponsor and member of the BenchmarkXPRT* Development Community, and was the major developer of the XPRT* family of benchmarks. Principled Technologies* is the publisher of the XPRT family of benchmarks. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases. © 2015 Intel Corporation. Intel, Intel Inside and other logos are trademarks or registered trademarks of Intel Corporation, or its subsidiaries in the United States and other countries. * Other names and brands may be claimed as the property of others. 2 About this Guide This guide uses benchmark comparison tables to help you select the right set of tools for Windows*, Android* and Chrome* platform evaluations. Benchmarks covered in this guide: . General Guidance on Platform Evaluations 3DMark* 1.2.0 ANDEBench* PRO AnTuTu* v5.6.1 . Benchmark Selection for Windows BaseMark* CL BatteryXPRT* 2014 CompuBench* CL 1.5 for OpenCL* . Benchmark Selection for Android CompuBench* RS 2.0 for RenderScript* CrXPRT* 2015 Geekbench* 3.3.1 .
    [Show full text]