Avatar
Log In
Please consider registering
Guest
Forum Scope


Match



Forum Options



Min search length: 3 characters / Max search length: 84 characters
Register Lost password?
sp_topic_old
WebGL - not all it was cracked up to be??
Avatar
Jim Hillier
2700 Posts
(Offline)
1
June 16, 2011 - 9:13 pm

For the unenlightened: WebGL - short for web-based graphics library is (or perhaps was) the new hope for a universal 3D web graphics standard. Particularly useful for online games which utilize hardware-accelerated 3D graphics and for other visually intensive tasks.

WebGL is already built into the Chrome and Firefox browsers and it was hoped it would become the universal standard across all major browsers. However, as with many experimental technologies, everything worked out just fine under the pristine laboratory conditions but it hasn't fared too well in the real world (once security scrutiny kicked in).

It appears inherent vulnerabilities are the main stumbling block. Context Information Security, a reputable security firm, issued initial warnings in May and have now backed that up with specifics.

Microsoft, who have never been a fan of the proposed new standard, have jumped on the bandwagon issuing the following statement: [i:u4wtln7g]"We believe that WebGL will likely become an ongoing source of hard-to-fix vulnerabilities. In its current form, WebGL is not a technology Microsoft can endorse from a security perspective."[/i:u4wtln7g]

You can read through Microsoft's full statement, bluntly titled "WebGL Considered Harmful", [url=http://blogs.technet.com/b/srd/archive/2011/06/16/webgl-considered-harmful.aspx:u4wtln7g]HERE.[/url:u4wtln7g]

Context Information Security's initial May report (WebGL - A New Dimension for Browser Exploitation) can be viewed [url=http://www.contextis.co.uk/resources/blog/webgl/:u4wtln7g]HERE.[/url:u4wtln7g]

Their recent follow up report (WebGL

Avatar
David Hartsock
1117 Posts
(Offline)
2
June 17, 2011 - 3:16 am

This is really a very interesting story given the big picture. Not much to worry about right now, but think of the future...

A browser is a direct vector into not one, but all, operating systems. Security with both current and future standards needs to be a priority for any browser!

Thanks for the head's up, Jim!

Forum Timezone: America/Indiana/Indianapolis
All RSSShow Stats
Administrators:
Jim Hillier
Richard Pedersen
David Hartsock
Moderators:
Carol Bratt
dandl
Jason Shuffield
Jim Canfield
Terry Hollett
Stuart Berg
John Durso
Top Posters:
Chad Johnson: 867
Mindblower: 664
carbonterry2: 356
Flying Dutchman: 278
grr: 211
Newest Members:
JudeLandry
benjaminlouis680309
drogers97439
travishead60
Gohighlevelsnapshots
Forum Stats:
Groups: 8
Forums: 20
Topics: 1941
Posts: 13516

 

Member Stats:
Guest Posters: 11
Members: 3177
Moderators: 7
Admins: 3
Most Users Ever Online: 2303
Currently Online:
Guest(s) 35
Currently Browsing this Page:
1 Guest(s)
Scroll to Top

WHY NOT SUBSCRIBE TO OUR NEWSLETTER?

Get great content like this delivered to your inbox!

It's free, convenient, and delivered right to your inbox! We do not spam and we will not share your address. Period!