Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Brands WebGL a 'Harmful' Technology

Posted by Soulskill on from the guns-don't-kill-people,-webgl-does dept.

An anonymous reader writes "Microsoft has announced that it has no plans to support WebGL — a cross-platform low-level 3D graphics API designed for web use — in its future browsers, citing numerous security concerns over the technology and branding the basic principles as 'harmful.'"

21 of 503 comments (clear)

  1. Microsoft should know... by Bill_the_Engineer · · Score: 5, Informative

    a dangerous web idea when they see one. They created ActiveX.

    --
    These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
    1. Re:Microsoft should know... by Anonymous Coward · · Score: 4, Insightful

      To this day it is still easy to make Word Documents that phone home to a server with user info every time they are opened. But WebGL is harmful.

    2. Re:Microsoft should know... by Anonymous Coward · · Score: 5, Interesting

      Maybe Processing has them scared as shit. Not only does it do OpenGL acceleration in a browser, but it's also open source and nearly a drop-in replacement for Flash or Silverlight.

    3. Re:Microsoft should know... by cygnwolf · · Score: 5, Insightful

      I think you hit the nail on the head there with the Silverlight comment. M$ could probably care less about Flash but they're not fond of any new players in that market.

      --
      Free Pie! The Pie is Also Evil!
    4. Re:Microsoft should know... by beelsebob · · Score: 5, Insightful

      I'm really surprised that everyone is jumping on the "lawl microsoft security" bandwagon here, rather than the "well of course it's dangerous tech – it's OpenGL based, not D3D based... it's dangerous for MS's market share" bandwagon.

    5. Re:Microsoft should know... by Ephemeriis · · Score: 4, Insightful

      Yup.

      If it were WebDirectX they'd be all over it. Since it's WebGL, however, there are security concerns.

      Which isn't to say that the security concerns aren't valid... If you're giving a web page low-level access to your hardware there's certainly a possibility for abuse. But I suspect that Microsoft's concern here is more about market share than security.

      --
      "Work is the curse of the drinking classes." -Oscar Wilde
    6. Re:Microsoft should know... by Locutus · · Score: 5, Insightful

      they created ActiveX in response to Java applets and the threat that someone else's API's could become dominant. This is normal business for Microsoft and just like how they created Direct3D to counter the spreading OpenGL API's in the 90s, WebGL is probably too much of a platform threat to support so they'll do the typical FUD thing and say it sucks, it's bad and it's dangerous while they're working on their own replacement which will solve world hunger according to their press releases and up until it actually ships with about 50% of what WebGL had when they started.

      They must do everything they know how to keep profits rolling and 3D is finally catching on so it's back to their form of business. FUD before crud.

      LoB

      --
      "Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
    7. Re:Microsoft should know... by Locutus · · Score: 4, Insightful

      probably because they have a history of not doing well with security. Microsoft always goes out of their way 'calling the kettle black' when they don't want people using something they don't control so its no wonder people here mock them and point the finger back to them. Have you asked yourself why Microsoft would make such a public statement about WebGL? what is their position on OpenGL and cross platform 3D and why is that? Is Microsoft even part of the WebGL Working Group? Maybe Microsoft should be the ones STFU.

      LoB

      --
      "Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
    8. Re:Microsoft should know... by CokoBWare · · Score: 4, Interesting

      Something tells me they wouldn't create ActiveX today... they've had well over a decade to learn how bad the technology actually is, and try to mitigate their mistakes with it. It doesn't surprise me they'd make comments on WebGL like this today in 2011. A lot can happen in 15 years.

  2. At least silverlight is save! by cccc828 · · Score: 4, Interesting

    I am relieved that sliverlight will never support such harmful technology!

  3. Hate to Say This... by mrpacmanjel · · Score: 5, Informative

    The security issue is a valid question.

    In one of the links in the summary it shows that the video memory can be read and get a snapshot of the user's desktop (in the example a confidential document is viewable) - exceptionally bad. Use an exploit like this with something else means their is potential for a severe security breach.

    Then again it's early stages and I'm sure the security issues will be resolved in time.

    It's an exciting techology especially with regard to streaming games over the internet.

    Who remembers VRML???

  4. They're right by Anonymous Coward · · Score: 5, Insightful

    You really want websites to be able to freeze and possibly crash your graphics subsystem, possibly overheat reboot your machine?

    Besides that, it's just sloppy, just like WebSQL is sloppy. It's just "hey lets compile opengl ES into our browser" or "lets compile SQLite into our browser" and neither are even half-hearted attempts at a proper standard. I originally said this as a joke, but it makes more sense to just link in the quake engine and support a "quake" tag, that takes a link to a PAK file as its .src attribute. That'd at least solve the (very real) security problems. Executing arbitrary shader code from random websites isn't a good idea.

    Aside: apparently noone else supports WebGL either. The implementations in both FF and Chrome are broken. I've had problems with multiple textures, framebuffers, the list goes on. It's simply not working yet.

    Of course, webGL would be trivial to reimplement in IE with a partial trust Silverlight plugin, which could just execute the GL natively, though that would be a much bigger security hole.

  5. It is a problem; but... by fuzzyfuzzyfungus · · Score: 5, Insightful

    It is hard to argue with the thesis that allowing a webpage to run OpenGL code on the system GPU is less secure(and places security in more hands) than not doing so. However, that seems to throw us back on the more basic problem:

    Allowing the internet to do things to your machine is dangerous. It is also among the top reasons why most people bother to own a computer. Letting pages run Javascript opens you up to vulnerabilities in your JS engine. Support for images in webpages means that a bug in any of your image format renderers(and there have been a few of these) will allow the attacker to own you. Even HTML rendering isn't safe. People from the internet are running code on your CPU, through assorted layers of indirection, virtually continually... We put up with this blatantly dangerous situation because we want the functionality.

    Other than the (im)maturity of OpenGL as something that is subject to maliciously crafted input, rather than just error by well-meaning application designers, I'm not seeing a fundamental difference. Everything that happens in your browser happens because filthy, possibly dangerous, 3rd party instructions are executed, through some number of intermediate interpreters and libraries and codecs, right on your hardware.

    Now, I can definitely see the case to be made for "You really shouldn't enable WebGL, except for websites that you would also trust enough to download and execute with admin permissions executables from, until the OpenGL ecosystem has had time to finish wetting itself from pure fear and start improving things", it is quite likely the case that the large, complex, more-focused-on-speed-than-security, mass that is GPU firmware, GPU drivers, etc is a mass of potentially serious issues, having historically been sheltered from the more hostile side of things. However, that doesn't seem fundamentally different from the state of the stack sitting on top of the CPU that was inherited from a more innocent time before widespread network malice. Ultimately, we just had to fix that; because the alternative involved not being able to do what we wanted to do.

  6. I tend to agree by Cigaes · · Score: 4, Insightful

    Considering that most accelerated 3D drivers for video controllers are utter crap full security flaws, or “optimizations“, as some call them, and that a video controller has full access to the system bus, and therefore to the RAM, drives, etc., I tend to agree that letting anyone on the web transparently send possibly crafted data to the 3D driver is, from a security point of view, a rather dubious idea.

  7. Can't trust MS's opinions by bzipitidoo · · Score: 5, Interesting

    What they mean by "security" is not what everyone else means. Security is just the biggest argument in the FUD arsenal. They mean control, to secure their bottom line.

    For 25 plus years, that's been MS's real goal. They tried to kill off Ogg Vorbis over "insecurity"-- the supposed insecurity of no built in DRM. Security was probably one of the arguments they used to push OOXML over ODF when they were trying to maintain their file format lockdown. Talk about an outdated tactic, but then, MS has been slipping for some time now. They would have tried the old line suggesting no one would maintain the software without a large company backing it, another FUD favorite, but even they must see no one would buy that any more. And yet, they can't see the uselessness of the entire Windows Genuine Advantage program.

    What specifically could they be trying to promote in place of webGL? Silverlight?

    --
    Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
  8. WebGL bugs already demonstrated by lseltzer · · Score: 4, Informative

    Context Information Security has already tested WebGL implementations and demonstrated the sorts of bugs Microsoft warns about. In fact, it looks like maybe they got a tip about it from Redmond, but they do demonstrate it, and Mozilla has acknowledged the bugs for Firefox 4.

  9. For once don't bash M$, read the article instead by amn108 · · Score: 5, Insightful

    An essential factor in security is trust. You cannot trust a website you have never seen before to load code of its choosing to be executed on a driver supplied to you by third-party which may or may not have a stellar security record themselves. Especially when "modern" operating systems like Linux run drivers as part of their monolithic kernel and so probably WILL crash when the website code messes up the driver runtime. Windows is heading in all the right directions moving their graphics driver supporing infrastracture out of the kernel into userspace. At least that way, your entire OS won't crash bringing everything down with it. At worst, smart people will figure out doing their favourite things - injecting their code through good old buffer overflows and what not.

    This is what you get when you pair three poorly isolating systems to eachother. Microsoft may have done a lot of their own mess during the years with their products' security, but for once, they are right. Not the least, becaue they probably have gotten so much flak for it they finally decided enough is enough and started going by security checklist documets and automated programs that eliminate all the obvious bugs. I sincerely hope they're getting it, for I for one am tired of hearing everyone bash them. Look into your own backyard when you get 20 million lines of code running wildly on a several hundred million computers around the globe, thanks. Or reduce your SLOC, but that, again, is another discussion.

  10. Don't you just hate it by lorax · · Score: 4, Interesting

    Don't you just hate it when Microsoft takes the high road on security and raises some valid points. We've been through this scenario a bunch of times where some class of programs that used to only be used by local programs became accessible on the web and suddenly there is a rash of exploits (jpeg and pdf come to mind), I'd rather not go through it again.

    That said, I think Microsoft laid out the problems with enough specificity that they could be addressed.

  11. Re:For once don't bash M$, read the article instea by NatasRevol · · Score: 5, Insightful

    Can you explain to me, from your security point of view, how this is any different than using flash or silverlight on the web? Using those technologies, you're loading code form a website to be executed on a driver supplied to you by a third party which does NOT have a stellar security record.

    --
    There are two types of people in the world: Those who crave closure
  12. WEBGL makes the drivers more visible. by leuk_he · · Score: 5, Insightful

    Anything that gets drawn in a browser is controlled by the browser. After 10 years of failure that part mosty is sandboxed into safety. The Code of web gl has almost complete access to the video driver. The video driver was never written for security. Speed and picture quality were the number one priorities. Since the application that ran them was alrady a local application that had a lot of access security was not really an issue. The application that access the drivers did not have to be checked extra, because they had already full access to the machine.

    Display drivers are complex software, that might show the same level of vulnerabilities that plagues the browser.

    However a subset of WEBGL that is more easy check could be implemented safely i think.

    1. Re:WEBGL makes the drivers more visible. by TheRaven64 · · Score: 4, Informative

      You seem to have no idea of how a modern graphics stack works. Canvas drawing is mediated by the browser. You do something like lineTo() from JavaScript. The JavaScript code then translates this into a call to a host OS API call. The call comes from the browser and its arguments are checked by the browser for sanity, then they're checked by the graphics stack, then they're checked by the driver. In contrast, WebGL takes a blob of GLSL code and a blob of data and passes it straight to the driver. The browser can try checking this, but it doesn't really know what to look for. The drivers then compile this C-like code, using a compiler that wasn't designed for security. Then they chuck it over the bus and the card (which may have DMA access to all of system memory) runs it. Comparing the two is like comparing a telephone with someone dictating messages and a fax machine: you're only likely to be goatse'd by one...

      --
      I am TheRaven on Soylent News