Microsoft: WebGL Considered Harmful

[HardOCP News]

Microsoft says that WebGL is harmful to security. Something about overly permissive / promiscuous / servicing third parties / exposed surfaces...wait, what the hell are we talking about again?

The Khronos Group’s WebGL technology is a cross-platform, low-level 3D graphics API for the web. Recently, Context Information Security published two reports critical of the WebGL technology, WebGL – A New Dimension for Browser Exploitation and WebGL – More WebGL Security Flaws.

 

[pxc]

US-CERT gave a similar warning last month: http://www.us-cert.gov/current/archive/2011/05/10/archive.html#web_users_warned_to_turn

WebGL Security Risks

added May 10, 2011 at 11:35 am
US-CERT is aware of reports indicating that WebGL contains multiple significant security issues. The impact of these issues includes arbitrary code execution, denial of service, and cross-domain attacks. WebGL is a new web standard that is enabled by default in Firefox 4 and Google Chrome and is included in Safari.

US-CERT encourages users and administrators to review the Context report and disable WebGL to help mitigate the risks.

 

[Ryokurin]

in layman's terms people have come up with code that can basically crash your video card at will via exploits in webgl. While modern operating systems like Win 7 can generally recover, they can still keep it going long enough to completely crash the system. If you can crash the system at will, it's just a matter of time before you can figure out how to get the system (in this case the video card) to run something else instead.

 

[Shadow2531]

Still though. This WebGL + Mozilla Audio API demo is pretty awesome.

 

[Solidstate89]

While Microsoft likes to bullshit, it is true as far as I've seen from other security researchers. OpenGL in general has always had less...well "security" for lack of a more technical term vs. Direct X.

I prefer Direct X for gaming, but since it's a web standard I'm all for using an OpenGL alternative, however even Carmack has noted that Direct X has superior "security" capabilities compared to OpenGL and its derivatives. Low-level calls and other technical advantages that I really can't think of off the top of my head.

 

[Elios]

pot meet kettle how is that ActiveX working for you Microsoft lol

 

[Azhar]

Security didn't stop Adobe from distributing Flash and Acrobat Reader in everyone's computer.

 

[dyzophoria]

well its really true, (sorry MS-haters, is true this time ), you can't really blame it, its still at its infancy, give ti a few more years, I think it will be better. on a side note, who has more experience on system crashes and vulnerabilities before - MS, take it from experience I guess

 

[socK]

in layman's terms people have come up with code that can basically crash your video card at will via exploits in webgl. While modern operating systems like Win 7 can generally recover, they can still keep it going long enough to completely crash the system. If you can crash the system at will, it's just a matter of time before you can figure out how to get the system (in this case the video card) to run something else instead.

Windows is in a better situation here, your driver will restart if you hang it in and infinite loop or something from a bad shader. I'm not sure that OSX and Linux have the same capabilities.

 

[srangara]

I prefer Direct X for gaming, but since it's a web standard I'm all for using an OpenGL alternative

Did you mean Windows standard?

 

[Revdarian]

Did you mean Windows standard?

No, re-read what he wrote, as it was totally right.

 

[AtkinS]

While Microsoft likes to bullshit, it is true as far as I've seen from other security researchers. OpenGL in general has always had less...well "security" for lack of a more technical term vs. Direct X.

I prefer Direct X for gaming, but since it's a web standard I'm all for using an OpenGL alternative, however even Carmack has noted that Direct X has superior "security" capabilities compared to OpenGL and its derivatives. Low-level calls and other technical advantages that I really can't think of off the top of my head.

that wasnt true untill 2003 when finally they were on par.
Direct X looked horribly 10 years ago.

 

[AtkinS]

that wasnt true untill 2003 when finally they were on par.
Direct X looked horribly 10 years ago.

horrible and horrible, 13 years ago it was horrible, but it was lacking, and you could clearly see what games ran opengl and directx, opengl was better.

 

[Conker]

Opengl looked the best before in the older days. I notice in most Directx games that they are more gpu dependent than in Opengl games. I still like Opengl better since its the most compatible. It looks great these days also. Don't have to worry about dx11 10 9 or whatever version with Opengl practically.

 

[Ryokurin]

Windows is in a better situation here, your driver will restart if you hang it in and infinite loop or something from a bad shader. I'm not sure that OSX and Linux have the same capabilities.

Yes, that was the part I was talking about where win7/vista can recover from it, but allegedly if the attacker just keeps chaining the crashes together, eventually windows won't be able to restart it and will just bluescreen like all the older versions.

 

[Solidstate89]

that wasnt true untill 2003 when finally they were on par.
Direct X looked horribly 10 years ago.

When DX9 was released it left OpenGL behind and it's continued to do so since then. Think about it, when was the last time an OpenGL version was released before a Direct X version and forced Microsoft to counter?

It hasn't happened in a long time. DX9, DX10 and DX11 all came out first and the Kronos group rushed to release an updated OpenGL version with support for Microsoft had already developed and released in Direct X.

When even Carmack admits that Direct X has had the innovative advantage over the years (despite the fact he still uses OpenGL) you know it's far behind as far as gaming is concerned.

I still use OpenGL in regards to rendering and 3D Modeling though. However for gaming, nothing beats Direct X right now.

 

[Ashbringer]

When DX9 was released it left OpenGL behind and it's continued to do so since then. Think about it, when was the last time an OpenGL version was released before a Direct X version and forced Microsoft to counter?

It hasn't happened in a long time. DX9, DX10 and DX11 all came out first and the Kronos group rushed to release an updated OpenGL version with support for Microsoft had already developed and released in Direct X.

When even Carmack admits that Direct X has had the innovative advantage over the years (despite the fact he still uses OpenGL) you know it's far behind as far as gaming is concerned.

I still use OpenGL in regards to rendering and 3D Modeling though. However for gaming, nothing beats Direct X right now.

There's been a lot of talk about "Direct to metal" with a lot of developers. Seems these API's aren't any good anymore. They cause a severe loss of performance.

 

[Cali3350]

An interpreting API will always perform worse than direct access. Actually writing a game with 'direct hardware access' would be terrible though. You can get away with it on consoles, but on a PC.... damn. I just had a nightmare.

 

[pxc]

As usual, Ars has a more nuanced take on MS's statements. Go read it if you want. Whatever...

 

[ManofGod]

The problem with direct to metal is you lose system stability. Letting hardware access the ring zero section directly would be really bad in my opinion. (Unless I am totally misunderstanding this.)

 

[pxc]

The problem with direct to metal is you lose system stability.

I agree that it would be a lot more fragile, both for compatibility and performance. The purpose of APIs and hardware abstraction is to make broad hardware compatibility possible and simplify using vastly different hardware via (complex) video drivers.

For example, you can plug in a 7 year old GeForce 6* series card, or a 4 year old HD 2000* series card into a Windows 7 system and get WDDM 1.1 features (full Aero DWM compositing, DXGI with Direct2D/DirectWrite, etc) and play DX9/SM2 mode games if you want. Pretty cool really for old-ish hardware.

*GeForce FX, Nvidia's oldest DX9 GPU, have WDDM 1.0 drivers available. Radeon 9000 (excluding DX8 only models) series up to HD 1000 series also have WDDM 1.0 drivers available.

 

[TechLarry]

As someone that see's and fixes least a dozen drive-by infection's a week (yes, even with Win7 and IE8), I'm not so sure MS would be my source for security information when it comes to browsers. Not until they get their own house in order.

 

[xorbe]

translation: "We haven't embraced and extended yet, so please wait!"

 

[Solidstate89]

The problem with direct to metal is you lose system stability. Letting hardware access the ring zero section directly would be really bad in my opinion. (Unless I am totally misunderstanding this.)

It's my understanding that at least since Windows Vista, the graphics drivers themselves are located in ring zero to improve system performance. I think it's a big reason why you improved framerates compared to Windows XP even when using the same hardware.

 

[Ryokurin]

Actually, they moved everything except low level calls to user mode out of Kernel, which explains why it's possible for Vista/7 to recover from a video card based crash. If anything improved performance, it's likely the fact that the driver does not have to support as many interfaces anymore. The OS takes care of that. http://msdn.microsoft.com/en-us/library/aa480220.aspx

 

[Gnasher]

I already disabled WebGL in Firefox because of this warning last week.

about:config

double click webgl.disabled so it reads true to disable.