[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Public WebGL] Re: WebGL security



This is maybe off-topic and should maybe go off-list but I had heard MS was shelving Silverlight? Sounds like that's not the case.

Anybody know where that rumor I heard came from and/or how much push MS is making with Silverlight going forward?

Tony


On Sat, Jan 7, 2012 at 3:55 PM, Benoit Jacob <bjacob@mozilla.com> wrote:



Silverlight 5 requires the user to explicitly grant each domain permission to use the 3D features. 

The UI is pretty horrible. To run a 3d app (http://david.blob.core.windows.net/babylon/Babylon.html) you follow these steps

1) Go to the URL above.
2) Right click on the plugin area
3) Pick "Sliverlight"
4) Go to the "Permissions" tab
5) For the domain you are currently on pick "allow" for "3D Graphics: use blocked display drivers"

No idea if they have un-blocked display drivers.

Indeed, I haven't yet found a driver that wasn't blacklisted by Silverlight 5.

I have updated my bug report:
https://connect.microsoft.com/VisualStudio/feedback/details/676134/dos-vulnerability-in-silverlight-5s-3d-similar-to-webgl-dos-vulnerability

I am actually happy that they blacklist a lot of drivers (all of them? I don't know): this adds pressure on driver vendors to implement what we need (resilience to DOS, etc). WebGL and Silverlight have the same needs in this respect.

Benoit



Also, as far as I can tell, 3D is only supported on Windows. Mac and Linux are out of luck.






--
Tony Parisi                             tparisi@gmail.com
CTO at Large                         415.902.8002
Skype                                     auradeluxe
Follow me on Twitter!             http://twitter.com/auradeluxe
Read my blog at                     http://www.tonyparisi.com/