### Hardware attacks

Physical GPUs or TPUs can also be the target of attacks. [Published
research](https://scholar.google.com/scholar?q=gpu+side+channel) shows that it
might be possible to use side channel attacks on the GPU to leak data from other
running models or processes in the same system. GPUs can also have
implementation bugs that might allow attackers to leave malicious code running

        for all the RNG in Keras. We plan to switch on the new code path by
        default in tf 2.8, and the behavior change will likely to cause some
        breakage on user side (eg if the test is checking against some golden
        number). These 3 APIs will allow user to disable and switch back to
        legacy behavior if they prefer. In future (eg TF 2.10), we expect to

# This flag is set to true in Bazel 1.0 and newer versions. We tried to migrate
# Tensorflow to the default, however test coverage wasn't enough to catch the
# errors.
# There is ongoing work on Bazel team's side to provide support for transitive
# shared libraries. As part of migrating to transitive shared libraries, we
# hope to provide a better mechanism for control over symbol exporting, and
# then tackle this issue again.
#