WebGL - not all it was cracked up to be??


Please consider registering


— Forum Scope —

— Match —

— Forum Options —

Minimum search word length is 3 characters - maximum search word length is 84 characters

Register Lost password?
sp_Feed sp_topic_old
WebGL - not all it was cracked up to be??
Jim Hillier
Forum Posts: 2660
Member Since:
August 9, 2011
sp_UserOfflineSmall Offline
June 16, 2011 - 9:13 pm
sp_Permalink sp_Print

For the unenlightened: WebGL - short for web-based graphics library is (or perhaps was) the new hope for a universal 3D web graphics standard. Particularly useful for online games which utilize hardware-accelerated 3D graphics and for other visually intensive tasks.

WebGL is already built into the Chrome and Firefox browsers and it was hoped it would become the universal standard across all major browsers. However, as with many experimental technologies, everything worked out just fine under the pristine laboratory conditions but it hasn't fared too well in the real world (once security scrutiny kicked in).

It appears inherent vulnerabilities are the main stumbling block. Context Information Security, a reputable security firm, issued initial warnings in May and have now backed that up with specifics.

Microsoft, who have never been a fan of the proposed new standard, have jumped on the bandwagon issuing the following statement: [i:u4wtln7g]"We believe that WebGL will likely become an ongoing source of hard-to-fix vulnerabilities. In its current form, WebGL is not a technology Microsoft can endorse from a security perspective."[/i:u4wtln7g]

You can read through Microsoft's full statement, bluntly titled "WebGL Considered Harmful", [url=http://blogs.technet.com/b/srd/archive/2011/06/16/webgl-considered-harmful.aspx:u4wtln7g]HERE.[/url:u4wtln7g]

Context Information Security's initial May report (WebGL - A New Dimension for Browser Exploitation) can be viewed [url=http://www.contextis.co.uk/resources/blog/webgl/:u4wtln7g]HERE.[/url:u4wtln7g]

Their recent follow up report (WebGL

David Hartsock
Forum Posts: 1117
Member Since:
August 7, 2011
sp_UserOfflineSmall Offline
June 17, 2011 - 3:16 am
sp_Permalink sp_Print

This is really a very interesting story given the big picture. Not much to worry about right now, but think of the future...

A browser is a direct vector into not one, but all, operating systems. Security with both current and future standards needs to be a priority for any browser!

Thanks for the head's up, Jim!

Forum Timezone: America/Indiana/Indianapolis

Most Users Ever Online: 2303

Currently Online:
15 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Member Stats:

Guest Posters: 11

Members: 2886

Moderators: 6

Admins: 4

Forum Stats:

Groups: 8

Forums: 20

Topics: 1879

Posts: 13310

Administrators: Jim Hillier, Richard Pedersen, David Hartsock, Marc Thomas

Moderators: Carol Bratt, dandl, Jason Shuffield, Jim Canfield, Terry Hollett, Sergey Grankin

Scroll to Top


Get great content like this delivered to your inbox!

It's free, convenient, and delivered right to your inbox! We do not spam and we will not share your address. Period!