WebGL pays strong attention to security - just as any web technology should. With growing recognition of WebGL in the press, we thought we would summarize Khronos' work and stance on this important topic.
- Khronos agrees that security is a vitally important consideration for any web standard. WebGL was architected with security in mind from the ground up.
- All WebGL implementations already necessarily contain safeguards which prevent out-of-range memory accesses during rendering operations and access of uninitialized memory; please see here and here. These safeguards are tested by the WebGL conformance suite.
- Defense against denial of service attacks is still evolving in WebGL implementations. Khronos has specified an extension to OpenGL and OpenGL ES, GL_ARB_robustness, designed to prevent denial of service and out-of-range memory access attacks from WebGL content, preventing any possibility of using WebGL to execute malware on a user's machine.
- GL_ARB_robustness has already been deployed by some GPU vendors and Khronos expects it to be deployed rapidly by others. Browsers can check for the presence of this extension before enabling WebGL content. This is likely to become the deployment mode for WebGL in the near future.
- The ability to incorporate cross-domain images into WebGL scenes provides great utility to developers, but the WebGL working group is considering requiring Cross Origin Resource Sharing (CORS) opt-in or other mechanisms to prevent possible future abuse of this capability.
- The WebGL working group has been working closely with the GPU vendors in the Khronos group to make accelerated WebGL implementations secure and WebGL is influencing GPUs to provide even more flexible security options in the future.
- There are no known WebGL exploits and Khronos will continue to place close attention to technical and ecosystem opportunities to ensure WebGL is a secure technology that can be used with confidence.
Updated May 16 2011
Intel announced Intel® OpenCL SDK version 1.1 beta conformant with OpenCL™ 1.1 specification. New version includes an alpha preview of SDK implementation for Linux* operating systems. Intel also introduces the new Intel® OpenCL SDK community where OpenCL developers are encouraged to explore and to share advantages of OpenCL workloads found on Intel® Core™ and Intel® Xeon® processors.
Learning graphics programming in the era of shaders can seem daunting. This website's tutorials provide a firm foundation for understanding how to use modern shader-based hardware for graphics development. No prior graphics programming experience is expected. OpenGL v3.3 is used to demonstrate rendering techniques. Topics covered include: * Vertex transformations * Lighting, diffuse and specular, per-vertex and per-fragment. * HDR lighting and gamma correction.
Raspberry Pi is a functioning computer that fits in your pocket, for only $25. David Braben, a well-known video game developer who runs the UK studio Frontier, has spent his spare time trying to answer the question: "How to get young students excited about computers and more specifically, computer sciences like programming and hardware repair?" David believes price point is a major barrier for most schools from getting the equipment needed to teach kids the more advanced computer skills. But what can you get for $25? A lot! Provisional specs include an 700MHz ARM11, 128MB of SDRAM, OpenGL ES 2.0, 1080p30 H.264 high-profile decode, composite and HDMI video output, USB 2.0, SD/MMC/SDIO memory card slot, to start with.
Jon Peddie Research has written up a great review of the Khronos Groups new StreamInput API. Kathleen Maher writes "There is a tipping point out there somewhere and it doesn’t seen too far away. The Internet of Things is practically building itself. Khronos’ first role will be to help developers take advantage of sensors for mobile and console devices, but the day is not far off when the applications for sensors broaden further into our everyday lives and capabilities."
If you missed the San Francisco WebGL Meetup in April, you now have a chance to find out what it was all about. Complete with pictures and lots of details from the meetup, this review is well done and paints a great picture!
The WebGL and COLLADA powered OurBricks lets you share and interact with 3D content in a modern webbrowser. Today they announce a design competition for 3D artists. The theme is “Modern Life.” Deadline for submissions is May 16 at 12pm PST.
Jon Peddie has done up a review and benchmark of the new AMD 6500 series AIBs.
AMD announced the Radeon E6760 embedded discrete graphics processor. The AMD Radeon E6760 GPU is the first of its kind to offer embedded system designers the combination of OpenCL support along with support for six independent displays. The Radeon E6760 is based on a published Khronos Specification, and is expected to pass the Khronos ConformanceTestingProcess. Current conformance status can be found at http://www.khronos.org/conformance.