Published May 25, 2026 | Version v2.0
Preprint Open

The Invisible Window: Exploiting OS-Level Display Affinity to Bypass WebRTC Proctoring Systems

  • 1. Department of Computing, Macquarie University

Description

This preprint presents “The Invisible Window”, a security research study of a downstream display-fidelity failure in browser-based proctoring and UI-vision systems.

The paper analyses how documented operating-system display-affinity mechanisms, including Windows SetWindowDisplayAffinity and macOS NSWindow.SharingType.none, can allow a window to remain visible on the physical display while being omitted from screen-capture output. This breaks the common assumption that WebRTC getDisplayMedia() output faithfully represents what the user sees on screen.

The work does not claim an Apple or Microsoft zero-day, nor an operating-system implementation bug. Instead, it classifies the issue as a security-relevant downstream design vulnerability in capture-dependent systems that treat screen-capture output as physical-display truth.

The paper includes a threat model, cross-platform proof-of-concept analysis, empirical evaluation, responsible disclosure summary, vendor boundary classification, ethical discussion, and countermeasure analysis. Operational abuse code is not included in this public record.

Version 2.0 supersedes version 1.0.

Files

Invisible_Window_Research_Preprint_V2.0.pdf

Files (320.7 kB)

md5:13a426c1c442640ca153baa199ab34f0

Additional details

Related works

Is new version of
Preprint: 10.5281/zenodo.20319832 (DOI)
Is supplement to
Software: 10.5281/zenodo.20277924 (DOI)
Software: 10.5281/zenodo.20195135 (DOI)
Is supplemented by
Preprint: 10.5281/zenodo.20374849. (DOI)