
Re: [Public WebGL] Proposed change to WebGL spec section 4.2 (Security Origin Restrictions)



>
> On Oct 6, 2010, at 7:27 AM, tomi.aarnio@nokia.com wrote:
>
>> Hi Brian, Steve,
>>
>> I believe you could fish out the texel values with a timer-based attack
>> even without vertex texture support: Just draw N screen-sized quads,
>> where N is the number of texels in your secret texture, using a fragment
>> shader that samples the same texel for every fragment and consumes time
>> in proportion to the texel value (which Steve already showed how to do).
>> If you have a very fast GPU and/or bad timers, just increase the size of
>> the quad and/or draw it several times until you get measurable
>> differences.
>>
>> As a newcomer to web development, I keep wondering if these restrictions
>> on image data access are genuinely necessary. They are a giant pain in
>> the bottom for the ordinary developer, yet there are ways for attackers
>> to go around them, so why bother?
>
> Because we have to. Origin restrictions are not something we can elide
> just because we think they are not "necessary". Security is of prime
> importance to many people. The news that your browser didn't respect
> origin restrictions would cause some companies to block the use of your
> browser on their site. This is a fact we have to live with.

I entirely agree...but we just have to realize that we're not ever going
to make it 100% safe-by-design.

  -- Steve

