Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Brands WebGL a 'Harmful' Technology

Posted by Soulskill on from the guns-don't-kill-people,-webgl-does dept.

An anonymous reader writes "Microsoft has announced that it has no plans to support WebGL — a cross-platform low-level 3D graphics API designed for web use — in its future browsers, citing numerous security concerns over the technology and branding the basic principles as 'harmful.'"

7 of 503 comments (clear)

  1. Microsoft should know... by Bill_the_Engineer · · Score: 5, Informative

    a dangerous web idea when they see one. They created ActiveX.

    --
    These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
  2. Re:Games on Linux means the end of the MS Empire by schnikies79 · · Score: 2, Informative

    The business world keeps Microsoft in power, not gamers.

    --
    Gone!
  3. Hate to Say This... by mrpacmanjel · · Score: 5, Informative

    The security issue is a valid question.

    In one of the links in the summary it shows that the video memory can be read and get a snapshot of the user's desktop (in the example a confidential document is viewable) - exceptionally bad. Use an exploit like this with something else means their is potential for a severe security breach.

    Then again it's early stages and I'm sure the security issues will be resolved in time.

    It's an exciting techology especially with regard to streaming games over the internet.

    Who remembers VRML???

  4. It is true. It is harmful. by 140Mandak262Jamuna · · Score: 2, Informative

    The question is what is harmed. In this it looks like it is harmful to Microsoft's market share and profits.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  5. WebGL bugs already demonstrated by lseltzer · · Score: 4, Informative

    Context Information Security has already tested WebGL implementations and demonstrated the sorts of bugs Microsoft warns about. In fact, it looks like maybe they got a tip about it from Redmond, but they do demonstrate it, and Mozilla has acknowledged the bugs for Firefox 4.

  6. Re:Microsoft should get out of browsers ASAP by nschubach · · Score: 3, Informative

    Windows doesn't come pre-loaded with wget yet (as far as I'm aware) so it's a little more difficult:

    (Start / Run:)
    cmd
    ftp releases.mozilla.org
    (User: anonymous)
    (Pass: joe.blow@somewhere.com)
    cd /pub/mozilla.org/firefox/releases/latest/win32/en-US/
    binary
    mget *.exe
    (answer yes)
    quit
    dir Firefox*
    (Run listed program)

    Pretty sure I didn't miss anything...

    --
    Every time I start to have faith in humanity, I ruin it by driving to work between 7 and 8 am.
  7. Re:WEBGL makes the drivers more visible. by TheRaven64 · · Score: 4, Informative

    You seem to have no idea of how a modern graphics stack works. Canvas drawing is mediated by the browser. You do something like lineTo() from JavaScript. The JavaScript code then translates this into a call to a host OS API call. The call comes from the browser and its arguments are checked by the browser for sanity, then they're checked by the graphics stack, then they're checked by the driver. In contrast, WebGL takes a blob of GLSL code and a blob of data and passes it straight to the driver. The browser can try checking this, but it doesn't really know what to look for. The drivers then compile this C-like code, using a compiler that wasn't designed for security. Then they chuck it over the bus and the card (which may have DMA access to all of system memory) runs it. Comparing the two is like comparing a telephone with someone dictating messages and a fax machine: you're only likely to be goatse'd by one...

    --
    I am TheRaven on Soylent News