WebGL is Fundamentally Flawed
But there's more! Not only is WebGL inherently flawed, but Google, one of WebGL's strongest proponents, knew about the DoS and cross-domain image vulnerabilities months before they were thrust into the limelight by Context's report. Not deterred by these flaws in the WebGL spec or its implementation, Google pushed ahead and turned on WebGL by default in February 2011, in Chrome 9.
It is telling that Google sidestepped Microsoft's famous FishIE Tank benchmark at Google I/O in May. Back in 2010, when all three browser vendors were rushing to one-up each other, Chrome never quite managed to beat IE9's FishIE Tank scores. Instead of a confrontation, is it possible that Google simply shifted gears to WebGL, a technology that Internet Explorer has no intention of supporting? After all, Chrome's main draw is its speed, and if IE is demonstrably faster, then Google is in trouble.
Irrespective of whether Google strong-armed the introduction of WebGL or not, the fact remains: WebGL is now enabled by default in the world's second and third most popular browsers. Apple will be including WebGL support in the version of Safari that ships with Mac OS X Lion, and Opera is toying with WebGL in its development builds. The cat is well and truly out of the bag, and it's missing a leg.
The hole will be fixed, like the DoS and cross-domain image exploits were (yay Mozilla!), but I'm more worried that bugs like cross-domain imaging were identified and still ended up in production builds of Firefox and Chrome.
Do you think that similar bugs will be found in the future? Do you think that another, more inherently secure spec could replace WebGL?
It sure has a more direct line to the _GPU_ than any other Web technology, but other web technologies have a more direct line to other, actually even more important parts of the hardware. For example, JIT-compiled JS has a pretty direct line to main memory and the CPU.
> That's not to say that it can't be secured, but as it stands, as the specification is outlined, I think it's only a matter of time until a WebGL flaw is found which allows elevated access to the GPU
First of all, exploits are possible in any piece of code, so here I'll focus only on what is specific to the WebGL spec and GPUs, and not on any bug that a particular WebGL implementation might have, like any other piece of code.
The thing that one might legitimately fear with WebGL is that a shader would make an illegal access to video memory, allowing it to read video memory belonging to another page or application. However, if that ever became a concern, since everything a WebGL shader does can be statically checked, it would be possible to check for that in the ANGLE compiler. A bug has even been filed on the ANGLE bug tracker about that, so you can track progress on this (if this ever gets deemed necessary):

If you're wondering why this bug is only concerned with uniform arrays and not other kinds of video memory buffers, that's because that's the only case where the shading language itself doesn't have completely well-defined semantics. In other cases, out-of-bounds access is simply impossible. For textures, the semantics are explicitly controlled by texture wrap modes.

You write:

> The hole will be fixed, like the DoS and cross-domain image exploit
> (yay Mozilla!), but I'm more worried that bugs like cross-domain imaging
> were identified but still ended up in production builds of Firefox
> Do you think that similar bugs will be found in the future?
Of course, security vulnerabilities are found all the time, everywhere. That's even more true in new technologies like WebGL that expand the attack surface in new ways.
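The check described in the comment above, that a WebGL implementation can statically inspect every index into a uniform array before the shader ever reaches the driver, as an added example that is not code from the original post, from ANGLE, or from any browser. It walks GLSL ES 1.00 source, rejects constant indices that fall outside the declared array size, and rewrites dynamic indices so they are clamped into range at run time. The sample shader, the function names and the regular-expression matching are this example's own assumptions; a real shader compiler performs this analysis on a parsed syntax tree rather than on raw text, and the rewrite shown here goes through `float` because GLSL ES 1.00 has no integer `clamp`.

```javascript
// Added example (not from the original post or from ANGLE): a toy static
// check for out-of-bounds indexing into uniform arrays in GLSL ES 1.00,
// the one case the comment above says the shading language leaves undefined.
// Regex-based for brevity; it does not handle nested brackets like a[b[0]].

// Matches "uniform [precision] <type> <name>[<N>];" declarations.
const DECL_RE = /uniform\s+(?:(?:lowp|mediump|highp)\s+)?\w+\s+(\w+)\s*\[\s*(\d+)\s*\]\s*;/g;

// Map each declared uniform array name to its declared size.
function uniformArraySizes(src) {
  const sizes = {};
  for (const m of src.matchAll(DECL_RE)) sizes[m[1]] = parseInt(m[2], 10);
  return sizes;
}

// Reject constant out-of-bounds indices and clamp dynamic ones.
// Returns { source, errors, clamped }.
function hardenShader(src) {
  const sizes = uniformArraySizes(src);
  // Blank out the declarations with same-length whitespace so that
  // "lights[4]" inside "uniform vec4 lights[4];" is not mistaken for a use,
  // while every offset in `masked` still lines up with `src`.
  const masked = src.replace(DECL_RE, (m) => " ".repeat(m.length));
  const errors = [];
  const edits = []; // { start, end, text } applied to src afterwards

  for (const [name, size] of Object.entries(sizes)) {
    const useRe = new RegExp("\\b" + name + "\\s*\\[([^\\]]+)\\]", "g");
    for (const m of masked.matchAll(useRe)) {
      const expr = m[1].trim();
      if (/^-?\d+$/.test(expr)) {
        // Constant index: decidable at compile time, so reject if out of range.
        const i = parseInt(expr, 10);
        if (i < 0 || i >= size) {
          errors.push(`${name}[${expr}]: constant index out of bounds (size ${size})`);
        }
        continue;
      }
      // Dynamic index: force it into [0, size-1]. GLSL ES 1.00 only has a
      // float clamp(), hence the float()/int() round trip.
      const text = `${name}[int(clamp(float(${expr}), 0.0, ${size - 1}.0))]`;
      edits.push({ start: m.index, end: m.index + m[0].length, text });
    }
  }

  // Apply edits back-to-front so earlier offsets stay valid.
  let out = src;
  for (const e of edits.sort((a, b) => b.start - a.start)) {
    out = out.slice(0, e.start) + e.text + out.slice(e.end);
  }
  return { source: out, errors, clamped: edits.length };
}

// Constructed sample shader: one in-bounds constant index, one constant
// index past the end of the array, and one index taken from a uniform.
const SAMPLE_SHADER = [
  "precision mediump float;",
  "uniform vec4 lights[4];",
  "uniform int which;",
  "void main() {",
  "  vec4 a = lights[3];",
  "  vec4 b = lights[7];",
  "  vec4 c = lights[which];",
  "  gl_FragColor = a + b + c;",
  "}",
].join("\n");

const result = hardenShader(SAMPLE_SHADER);
console.log(result.errors);   // one error for lights[7]
console.log(result.source);   // lights[which] is now clamped to 0..3
```

In a browser the same idea sits in front of `gl.shaderSource()`: compile only if `errors` is empty, and hand the driver the rewritten `source`, so an attacker-supplied shader never reaches GPU memory with an unchecked index.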