Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Graphics Microsoft Security The Internet News

Microsoft Brands WebGL a 'Harmful' Technology 503

Posted by Soulskill
from the guns-don't-kill-people,-webgl-does dept.
An anonymous reader writes "Microsoft has announced that it has no plans to support WebGL — a cross-platform low-level 3D graphics API designed for web use — in its future browsers, citing numerous security concerns over the technology and branding the basic principles as 'harmful.'"
This discussion has been archived. No new comments can be posted.

Microsoft Brands WebGL a 'Harmful' Technology

Comments Filter:
  • by Bill_the_Engineer (772575) on Friday June 17, 2011 @07:47AM (#36473122)
    a dangerous web idea when they see one. They created ActiveX.
    • by Noughmad (1044096)

      Didn't they use to claim how Firefox and Linux are insecure?

      • by WindBourne (631190) on Friday June 17, 2011 @09:55AM (#36474598) Journal
        Yes, they did. However, with WebGL, they actually have a good and factual point. There ARE security flaws in it that MUST be addressed.
    • by Anonymous Coward on Friday June 17, 2011 @08:11AM (#36473354)

      Maybe Processing [processing.org] has them scared as shit. Not only does it do OpenGL acceleration in a browser, but it's also open source and nearly a drop-in replacement for Flash or Silverlight.

    • by jasmusic (786052)
      ...and are adding P/Invoke to Silverlight last I heard.
    • by beelsebob (529313) on Friday June 17, 2011 @08:27AM (#36473514)

      I'm really surprised that everyone is jumping on the "lawl microsoft security" bandwagon here, rather than the "well of course it's dangerous tech – it's OpenGL based, not D3D based... it's dangerous for MS's market share" bandwagon.

      • by Ephemeriis (315124) on Friday June 17, 2011 @08:52AM (#36473766)

        Yup.

        If it were WebDirectX they'd be all over it. Since it's WebGL, however, there are security concerns.

        Which isn't to say that the security concerns aren't valid... If you're giving a web page low-level access to your hardware there's certainly a possibility for abuse. But I suspect that Microsoft's concern here is more about market share than security.

        • by tepples (727027)

          If you're giving a web page low-level access to your hardware

          Then your operating system is broken. A browser implementing WebGL makes calls to the operating system's implementation of OpenGL or Direct3D, which is supposed to protect each application using OpenGL or Direct3D from others. A broken 3D video driver is no different from a broken 2D video driver: both are security holes.

          • If you're giving a web page low-level access to your hardware

            Then your operating system is broken. A browser implementing WebGL makes calls to the operating system's implementation of OpenGL or Direct3D, which is supposed to protect each application using OpenGL or Direct3D from others. A broken 3D video driver is no different from a broken 2D video driver: both are security holes.

            I guess that's true these days. I've had various games crash my 3D drivers and I just get a pop-up message stating that the driver had to be re-started.

            I'm still thinking of the good ol' days where a video driver crash meant a BSOD.

          • More likely, you have broken hardware. Microsoft's complaint is based on reality, not theory. In theory, the driver would contain no bugs and the hardware would provide enough isolation that multiple applications' command streams and memory accesses would be isolated and would be no more able to interact without operating system mediation than multiple unprivileged processes on the CPU. In practice, the hardware generally makes a half-arsed attempt at providing isolation, with numerous ways of bypassing

          • A browser implementing WebGL makes calls to the operating system's implementation of OpenGL or Direct3D, which is supposed to protect each application using OpenGL or Direct3D from others.

            The operating system "implements" OpenGL or D3D largely by deferring to the driver, since only that knows whether the call can be handed over to graphics hardware pretty much as is, or need to be broken down into smaller components. What's under question here is the security of the driver.

            It's not normally an issue when we're talking about basic stuff such as "draw this here polygon", but WebGL also has shaders - i.e. code! - that runs on the GPU. And it's much harder to guarantee that the existing implemen

    • by erroneus (253617)

      That too was my first thought. And they still haven't been able to put the shit back into the horse. Once the web (internal and external) started hosting proprietary apps based on ActiveX and/or MSIE6, it has been amazingly hard to get business to move on. After all, they spent a LOT of money utilizing these technologies and they don't want to spend even more developing and migrating away from it.

      That said, I am all but certain there must be a way to make WebGL safe.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Even a stopped clock can be right once or twice a day. Concerns for the security of this popped up on slashdot not long ago, and seemed to be accepted, but now that MS has concerns, it's a great tech?

      They should treat it like they treat all of their other insecure tech (scripting in word, html in emails with outlook, activex, silverlight that wants to do risky things) - prompt the users "Hey, do you want to do this, it's probably not a bright idea unless you really trust the source"

    • by Locutus (9039) on Friday June 17, 2011 @08:57AM (#36473806)
      they created ActiveX in response to Java applets and the threat that someone else's API's could become dominant. This is normal business for Microsoft and just like how they created Direct3D to counter the spreading OpenGL API's in the 90s, WebGL is probably too much of a platform threat to support so they'll do the typical FUD thing and say it sucks, it's bad and it's dangerous while they're working on their own replacement which will solve world hunger according to their press releases and up until it actually ships with about 50% of what WebGL had when they started.

      They must do everything they know how to keep profits rolling and 3D is finally catching on so it's back to their form of business. FUD before crud.

      LoB
    • by CokoBWare (584686) on Friday June 17, 2011 @09:16AM (#36474028)

      Something tells me they wouldn't create ActiveX today... they've had well over a decade to learn how bad the technology actually is, and try to mitigate their mistakes with it. It doesn't surprise me they'd make comments on WebGL like this today in 2011. A lot can happen in 15 years.

      • by Shotgun (30919)

        They had 20 years of UNIX to learn from before they created ActiveX. Hell, even a fool with a comp-sci degree could have told them that unfettered access to the local machine from any remote machine was brain-dead stupid. The biggest pain with Java applets was the sandbox put around it, and Micosoft was well aware of the reason for it.

        The "they didn't know it would be that bad" argument is just lame. If they didn't know, they were completely incompetent. If they knew, and chose to ignore common sense, t

  • From a security centric company!
    • by Luckyo (1726890)

      For last few years, microsoft has done a lot for security. I understand that this is slashdot and microsoft bashing is always in vogue, but to claim that because company x was doing something wrong several years ago, and started doing it right many years ago makes for ancient history in IT world.

      • by iserlohn (49556)

        You're right. Microsoft has done lots for the information security industry by selling a desktop and desktop derived server OS that has an security model that is insecure by default.

        Just because we're Microsoft bashing, doesn't mean we don't have a point.

  • by cccc828 (740705) on Friday June 17, 2011 @07:53AM (#36473174)
    I am relieved that sliverlight will never support such harmful technology [microsoft.com]!
    • Re: (Score:2, Interesting)

      Under "Extended Features":

      "Access devices and other system capabilities by calling into application COM components."

      "Call existing unmanaged code directly from within Silverlight with PInvoke."

      "Read and write files to the user’s My Documents folder, making it easier to find media files or create local copies of reports. Launch Microsoft Office and other desktop programs. Users can open Microsoft Outlook and create an e-mail message, or send a report to Word utilizing the power of Office."

      T
  • by DavidR1991 (1047748) on Friday June 17, 2011 @07:53AM (#36473176) Homepage

    "Although mitigatinos such as ARB_robustness [...]"

    Nice Microsoft, nice.

    Whilst I believe that WebGL _could_ become a vector for attack, I think this is actually "We want to push DX not GL, let's stick to NIH by saying it's dangerous instead"

  • Hate to Say This... (Score:5, Informative)

    by mrpacmanjel (38218) on Friday June 17, 2011 @07:58AM (#36473224)

    The security issue is a valid question.

    In one of the links in the summary it shows that the video memory can be read and get a snapshot of the user's desktop (in the example a confidential document is viewable) - exceptionally bad. Use an exploit like this with something else means their is potential for a severe security breach.

    Then again it's early stages and I'm sure the security issues will be resolved in time.

    It's an exciting techology especially with regard to streaming games over the internet.

    Who remembers VRML???

    • I really wish we could have more discussions where MS is mentioned that don't immediately devolve into "MS is teh E V I L !!! Anything they say or do is wrong!"

    • by sgt scrub (869860)

      I completely agree. It needs to be fixed not dumped. This reminds me of WebSockets Experiment comparing Upgrade and CONNECT handshakes [ietf.org]. Microsoft didn't say they wanted websockets abandoned. If there isn't OpenGL support in other browsers HTML5 canvas will be better in IE than any other browser. In other words, convincing everyone OpenGL support is evil and scary when IE gets HTML5 canvas support it would put them in the front of graphically rich web interfaces.

  • by The MAZZTer (911996) <megazzt@gmai[ ]om ['l.c' in gap]> on Friday June 17, 2011 @07:58AM (#36473226) Homepage
    If WebGL takes off, they'll have no choice but to support it. If it doesn't, then no-one will care that they don't support it.
    • Ha! If only that was true for CSS

    • by Bengie (1121981)

      WebGL is as bad or worse than ActiveX ever was. Should be interesting.

      I've already read security blogs from reputable security professionals about how WebGL is flawed from the ground up and can allow for kernel level security issues. ActiveX at least ran as the current user, not kernel.

      I really think MS could get away with no implementing it.

    • If WebGL takes off, they'll have no choice but to support it. If it doesn't, then no-one will care that they don't support it.

      If it takes off, Microsoft will pull its standard Embrace, Extend, Extinguish strategy on it.

  • Microsoft has no business building browsers. The open architecture of the web will always conflict with IE being closed source and the EEE tactics Microsoft is constantly trying on various web technologies. In the past, Microsoft's hegemony over computer technology gave them enough influence that they might actually have a chance at "de-commoditizing" (as they say) some popular open web technologies, but that's over, they aren't the 800lb gorilla in the room anymore, they're just another dog in a fight with at least 2 other dogs (the Open dog and the Apple dog - and no they're not the same. Look at Safari's special HTML5 rendering. Familiar? Don't forget that an open web also poses a threat to Apple's mobile apps).

    By continuing to work on browsers, Microsoft is fighting a war they can't win, but like all wars this one is still harmful to the other combatants and various innocent bystanders.

    • by pinpuke (2194896)
      RE: "Microsoft has no business building browsers." Well, maybe that should read... "Microsoft has only to build browsers for big business." Firefox is a pain to manage in large corporate settings. Luckily someone out there made the CCK for Firefox but it can still be a pain to manage once deployed. If you take away IE then when you make calls to businesses that serve you don't complain about the extra long call queues and slow account services. Corporate infrastructures that utilize web apps will come to
    • by paimin (656338)
      How does Webkit not qualify as open?
      • Webkit is open source but Safari isn't, and Apple has shown they have no intention of following HTML5 standards, at least with Safari (although adding a ton of redundant vendor-specific HTML5 features to WebKit in the first place doesn't scream "openness"). If IE swapped its rendering engine to a WebKit fork tomorrow, it wouldn't make IE an open browser.

  • They're right (Score:5, Insightful)

    by Anonymous Coward on Friday June 17, 2011 @07:59AM (#36473234)

    You really want websites to be able to freeze and possibly crash your graphics subsystem, possibly overheat reboot your machine?

    Besides that, it's just sloppy, just like WebSQL is sloppy. It's just "hey lets compile opengl ES into our browser" or "lets compile SQLite into our browser" and neither are even half-hearted attempts at a proper standard. I originally said this as a joke, but it makes more sense to just link in the quake engine and support a "quake" tag, that takes a link to a PAK file as its .src attribute. That'd at least solve the (very real) security problems. Executing arbitrary shader code from random websites isn't a good idea.

    Aside: apparently noone else supports WebGL either. The implementations in both FF and Chrome are broken. I've had problems with multiple textures, framebuffers, the list goes on. It's simply not working yet.

    Of course, webGL would be trivial to reimplement in IE with a partial trust Silverlight plugin, which could just execute the GL natively, though that would be a much bigger security hole.

    • by kyz (225372)

      it makes more sense to just link in the quake engine and support a "quake" tag

      Yesterday's news, my good man - haven't you heard of Quake Live [quakelive.com]? Serve up the .pak with MIME type "application/x-id-quakelive" and Bob's your uncle!

    • by gmueckl (950314)

      What hardware and OS did you try WebGL on? If it was Linux with poor (read: open source) drivers then there's your explanation. I've yet to see any open source driver for 3D hardware acceleration that actually works (and being able to run desktop compositing does not count - it's not even remotely an indication of how modern 3D rendering is done). I really hate to bash the open source drivers in that fashion, even though it's true.

  • ...to their business model. Let's face it: if WebGL really took off and brought about it a myriad web-based games, the Microsoft stranglehold on PC gaming would be in jeopardy.
    • The strangelhold is over anyway, given the current markets. You have the Xbox and the PC which are DirectX, the rest uses OpenGL or OpenGL derivates. Almost 100% of all game makers use an existing engine, which is optimized for cross platform development anyway.
      It is just a matter of time til those engines also have their webgl ports one way or the other.
      Whatever Microsoft does in this area is only to the degree relevant that if they dont support it it wont be used in a corporate environment.

  • Microsoft has rejected interoperable technologies based on spurious "security concerns" before, only to release later a competing yet non-interoperable technology with far worse security problems than ever showed up on what they rejected. Remember browser plugins, passed over in favor of the steaming pile of fail that is ActiveX?

    Look for WebDirect3D in the next version of IE, likely with every problem MS claims WebGL has and a few new ones.

    • I am almost 100% sure about that WebGL will be the point where Microsoft again will fork away. I have been expecting that for months now.
      Also so far all their efforts towards html5 are pretty half assed, even IE9 can be barely described as html5 compliant, but given the state of the current specs only time will tell if Microsoft again will be a burden on the web developing world.

  • by fuzzyfuzzyfungus (1223518) on Friday June 17, 2011 @08:03AM (#36473272) Journal
    It is hard to argue with the thesis that allowing a webpage to run OpenGL code on the system GPU is less secure(and places security in more hands) than not doing so. However, that seems to throw us back on the more basic problem:

    Allowing the internet to do things to your machine is dangerous. It is also among the top reasons why most people bother to own a computer. Letting pages run Javascript opens you up to vulnerabilities in your JS engine. Support for images in webpages means that a bug in any of your image format renderers(and there have been a few of these) will allow the attacker to own you. Even HTML rendering isn't safe. People from the internet are running code on your CPU, through assorted layers of indirection, virtually continually... We put up with this blatantly dangerous situation because we want the functionality.

    Other than the (im)maturity of OpenGL as something that is subject to maliciously crafted input, rather than just error by well-meaning application designers, I'm not seeing a fundamental difference. Everything that happens in your browser happens because filthy, possibly dangerous, 3rd party instructions are executed, through some number of intermediate interpreters and libraries and codecs, right on your hardware.

    Now, I can definitely see the case to be made for "You really shouldn't enable WebGL, except for websites that you would also trust enough to download and execute with admin permissions executables from, until the OpenGL ecosystem has had time to finish wetting itself from pure fear and start improving things", it is quite likely the case that the large, complex, more-focused-on-speed-than-security, mass that is GPU firmware, GPU drivers, etc is a mass of potentially serious issues, having historically been sheltered from the more hostile side of things. However, that doesn't seem fundamentally different from the state of the stack sitting on top of the CPU that was inherited from a more innocent time before widespread network malice. Ultimately, we just had to fix that; because the alternative involved not being able to do what we wanted to do.
  • Amazing! (Score:2, Funny)

    by Anonymous Coward

    Microsoft claims competitor's technology harmful and everyone should use their safe & secure version :)

    Tune in at 11 for more news from the No Shit, Sherlock dept

  • I tend to agree (Score:4, Insightful)

    by Cigaes (714444) on Friday June 17, 2011 @08:05AM (#36473294) Homepage
    Considering that most accelerated 3D drivers for video controllers are utter crap full security flaws, or “optimizations“, as some call them, and that a video controller has full access to the system bus, and therefore to the RAM, drives, etc., I tend to agree that letting anyone on the web transparently send possibly crafted data to the 3D driver is, from a security point of view, a rather dubious idea.
  • by 140Mandak262Jamuna (970587) on Friday June 17, 2011 @08:10AM (#36473344) Journal
    The question is what is harmed. In this it looks like it is harmful to Microsoft's market share and profits.
  • by bzipitidoo (647217) <bzipitidoo@yahoo.com> on Friday June 17, 2011 @08:13AM (#36473372) Journal

    What they mean by "security" is not what everyone else means. Security is just the biggest argument in the FUD arsenal. They mean control, to secure their bottom line.

    For 25 plus years, that's been MS's real goal. They tried to kill off Ogg Vorbis over "insecurity"-- the supposed insecurity of no built in DRM. Security was probably one of the arguments they used to push OOXML over ODF when they were trying to maintain their file format lockdown. Talk about an outdated tactic, but then, MS has been slipping for some time now. They would have tried the old line suggesting no one would maintain the software without a large company backing it, another FUD favorite, but even they must see no one would buy that any more. And yet, they can't see the uselessness of the entire Windows Genuine Advantage program.

    What specifically could they be trying to promote in place of webGL? Silverlight?

  • by lseltzer (311306) on Friday June 17, 2011 @08:14AM (#36473378)
    Context Information Security has already tested WebGL implementations and demonstrated the sorts of bugs Microsoft warns about [pcmag.com]. In fact, it looks like maybe they got a tip about it from Redmond, but they do demonstrate it, and Mozilla has acknowledged the bugs for Firefox 4 [mozilla.com].
    • Ya I read the bug report from Mozilla

      This is a Firefox-specific implementation issue not a WebGL specification issue.

      .. so I'm still not sure this issue will be as big as MS makes it. Possibly, but it is still to early to tell. Also, I've been working with webGL and loving it. I'm seriously contemplating building an entire RTS based on it. So I'm hoping it works out.

  • by amn108 (1231606) on Friday June 17, 2011 @08:14AM (#36473382)

    An essential factor in security is trust. You cannot trust a website you have never seen before to load code of its choosing to be executed on a driver supplied to you by third-party which may or may not have a stellar security record themselves. Especially when "modern" operating systems like Linux run drivers as part of their monolithic kernel and so probably WILL crash when the website code messes up the driver runtime. Windows is heading in all the right directions moving their graphics driver supporing infrastracture out of the kernel into userspace. At least that way, your entire OS won't crash bringing everything down with it. At worst, smart people will figure out doing their favourite things - injecting their code through good old buffer overflows and what not.

    This is what you get when you pair three poorly isolating systems to eachother. Microsoft may have done a lot of their own mess during the years with their products' security, but for once, they are right. Not the least, becaue they probably have gotten so much flak for it they finally decided enough is enough and started going by security checklist documets and automated programs that eliminate all the obvious bugs. I sincerely hope they're getting it, for I for one am tired of hearing everyone bash them. Look into your own backyard when you get 20 million lines of code running wildly on a several hundred million computers around the globe, thanks. Or reduce your SLOC, but that, again, is another discussion.

    • executed on a driver supplied to you by third-party which may or may not have a stellar security record themselves.

      That is more of a critique of Microsoft Windows itself than of WebGL.

    • by NatasRevol (731260) on Friday June 17, 2011 @09:01AM (#36473838) Journal

      Can you explain to me, from your security point of view, how this is any different than using flash or silverlight on the web? Using those technologies, you're loading code form a website to be executed on a driver supplied to you by a third party which does NOT have a stellar security record.

      • by amn108 (1231606)

        Sure, gladly. You have half a point - indeed systems that communicate invariably affect and potentially may compromise each other. That's a fact, which can also be seen in any other field of engineering. Like they say, the only secure system is the one that is not connected [to the Internet]. But since we do connect systems, the factor here is the interface cross-section. Flash Player and Silverlight, ok I won't speak for Silverlight because I never said it is much better than WebGL, so yeah - Flash Player

  • the graphics there sums it up nicely: http://www.contextis.com/resources/blog/webgl/ [contextis.com] Web > Browser > graphics driver > kernel, and we all know graphics drivers are full of bugs/holes, and that even killing and restarting them is not a solution if the browser keeps bombarding them with spurious request. DOS and intrusion must be very easy that way.

    It's also true that MS are picking an argument they like, and that they have, in the past and even now, created plenty of exploit avenues.

    I think we nee

    • maybe one solution would be to create an intermediary WebGL driver in userland with lots of security checks. Would that still be worth it, performance-wise

  • by lorax (2988) on Friday June 17, 2011 @08:25AM (#36473498)

    Don't you just hate it when Microsoft takes the high road on security and raises some valid points. We've been through this scenario a bunch of times where some class of programs that used to only be used by local programs became accessible on the web and suddenly there is a rash of exploits (jpeg and pdf come to mind), I'd rather not go through it again.

    That said, I think Microsoft laid out the problems with enough specificity that they could be addressed.

  • Games. No joystick and other input handling, no feedback and such. Now if the browsers would have this functionality possible as standard then I would say Microsoft would have a valid concern painting the devil on the wall that they think WebGL is. However without those crucial components its more likely not a valid concern... I argue that their own supposed IE9 3D accelerated rendered pages for 2D panes is already doing something they are now stating is inherently insecure... Microsoft is really now just

  • I am reminded of the day when Microsoft's server OS was changed so that unverified third-party video card drivers were run in ring 0. It didn't used to be that way, and it doesn't make sense in a server OS, but they did it anyway.

    It's one of the reasons I consider Windows NT 3.51 to be the last decent server OS to come out of Microsoft.

  • Just look at all of the security issues that Microsoft Windows has, and all of the security problems that Microsoft Windows has caused globally.
  • Any new major features which allows the execution of code off the Internet is potentially dangerous. Its direct connection to hardware is also another cause for concern, especially with immature technology. However, there is also massive demand for hardware acceleration of downloaded code.

    The reality is that if the browser vendors do this right, this is no more of a problem than the potential for users to download executables off the Internet and running them. Users can always screw things up and it is the

  • Microsoft saying that using any graphics library other than their own -- which happens to only be available on their operating system -- is harmful and should be avoided. Shocking.

  • Microsoft would prefer to push Silverlight (which does not support OpenGL or DirectX (good call) but still does some software 3D)

    That doesn't make them wrong, WebGL is stupidly insecure, because making it secure means you start to destroy performances by having a large layer between the graphic card and WebGL, while right now you're basically calling OpenGL.

    In fact, except by using a proper operating system (such as singularity incidentally) and a proper, fully controlled messaging system between the OpenGL

Be careful when a loop exits to the same place from side and bottom.

Working...