[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Public WebGL] Microsoft Weighs in on WebGL Security Issue



That was a great post.

Mind if I put it on hacker news? I feel it would go a long way in
explaining the whole issue. Here what I got from it:

1. Yes there are some security concern
2. Those concerns are also present in other 3D web tech being talked
about including Silverlight 5
3. Solutions to those issues are already being worked on by browser
vendors who support WebGL
3. Microsoft is going to have to do the work anyway for Silverlight 5,
why not do it for WebGL at the same time
4. Microsoft is the best position company to put a dent in the problem
and solve it.

Nic

On Tue, Jun 21, 2011 at 2:10 AM, Gregg Tavares (wrk) <gman@google.com> wrote:
> This probably going to get me in trouble but I wrote a blog post
> Fortunately nobody reads my blog ;-)
> http://games.greggman.com/game/webgl-security-and-microsoft-bullshit/
> You can probably see why I'm not in PR :-p
>
>
> On Mon, Jun 20, 2011 at 10:49 PM, Mark Callow <callow_mark@hicorp.co.jp>
> wrote:
>>
>> Hi Tony,
>>
>> Since I don't feel like becoming a member, I just sent a message to the
>> author of the ZDNet article.
>>
>> Regards
>>
>> -Mark
>> p.s. Nice to hear you to. I am delighted you have joined this list.
>>
>> On 21/06/2011 13:08, Tony Parisi wrote:
>>
>> Btw have either of you posted on the CNet, ZDNet or other articles that
>> are promoting this concept?
>>
>> On Mon, Jun 20, 2011 at 8:58 PM, Tony Parisi <tparisi@gmail.com> wrote:
>>>
>>> Well then, I suppose turnabout is fair play!
>>>
>>> Good stuff guys. Let's see where this road leads us...
>>>
>>> Tony
>>> p.s. Mark nice to hear your e-voice!
>>>
>>> On Mon, Jun 20, 2011 at 8:57 PM, Benoit Jacob <bjacob@mozilla.com> wrote:
>>>>
>>>> I've filed a bug at Microsoft,
>>>>
>>>> http://connect.microsoft.com/VisualStudio/feedback/details/676134/dos-vulnerability-in-silverlight-5s-3d-similar-to-webgl-dos-vulnerability
>>>>
>>>> Benoit
>>>>
>>>> ________________________________
>>>>
>>>> Silverlight 5 has exactly the same issues with denial of service and
>>>> lack of robustness in the graphics drivers as WebGL. Therefore it is
>>>> important to work together with MS to get them fixed. One of the most
>>>> important things MS could do is push PC vendors, particularly laptop
>>>> vendors, to provide graphics driver updates on a regular basis.
>>>>
>>>> In fact any graphics used in the web browser, HTML5, Canvas 2D, Flash,
>>>> Molehill, Silverlight 5 potentially faces these problems. Witness the driver
>>>> "blocklists" maintained by both Firefox & Chrome for all of their
>>>> accelerated graphics features.
>>>>
>>>> Regards
>>>>
>>>> -Mark
>>>>
>>>> On 21/06/2011 09:25, Tony Parisi wrote:
>>>>
>>>> Not in a good way. Sigh.
>>>>
>>>>
>>>> http://blogs.technet.com/b/srd/archive/2011/06/16/webgl-considered-harmful.aspx
>>>>
>>>> Plus slightly hysterical reporting
>>>>
>>>>
>>>> http://news.cnet.com/8301-30685_3-20071726-264/microsoft-declares-webgl-harmful-to-security/?tag=mncol
>>>>
>>>> http://www.zdnet.com/blog/hardware/microsoft-is-right-to-label-webgl-harmful/13354
>>>>
>>>> A few blogs on the positive side
>>>>
>>>>
>>>> http://www.realityprime.com/articles/why-microsoft-and-internet-explorer-need-webgl
>>>> http://tonyparisi.wordpress.com/2011/06/20/shades-of-chrome/
>>>>
>>>> I really think the best way to deal with this is for developers to tell
>>>> MS how important WebGL support is and how they want to see it in IE (if you
>>>> care). IMO that is the most reliable method of getting MS to the table to
>>>> make positive contributions to the discussion.
>>>>
>>>> Peace out;
>>>> Tony
>>>>
>>>> --
>>>> Tony Parisi                             tparisi@gmail.com
>>>> CTO at Large                         415.902.8002
>>>> Skype                                     auradeluxe
>>>> Follow me on Twitter!             http://twitter.com/auradeluxe
>>>> Read my blog at                     http://www.tonyparisi.com/
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Tony Parisi                             tparisi@gmail.com
>>> CTO at Large                         415.902.8002
>>> Skype                                     auradeluxe
>>> Follow me on Twitter!             http://twitter.com/auradeluxe
>>> Read my blog at                     http://www.tonyparisi.com/
>>>
>>>
>>
>>
>>
>> --
>> Tony Parisi                             tparisi@gmail.com
>> CTO at Large                         415.902.8002
>> Skype                                     auradeluxe
>> Follow me on Twitter!             http://twitter.com/auradeluxe
>> Read my blog at                     http://www.tonyparisi.com/
>>
>>
>
>



-- 
-----------------
Nicolas Kassis

-----------------------------------------------------------
You are currently subscribed to public_webgl@khronos.org.
To unsubscribe, send an email to majordomo@khronos.org with
the following command in the body of your email:
unsubscribe public_webgl
-----------------------------------------------------------