Security flaws found in the WebGL standard

May 13, 2011 by Katie Gatto weblog
Security flaws found in the WebGL standard

(PhysOrg.com) -- Researchers at Context Information Security have issued a warning about the WebGL standard. The warning states that this standard has the potential to undermine the security concepts that are practiced by current operating system versions and provide a new set of opportunities for attacks on a variety of system.

The standard, which is designed to enabled the rendering of 3D animations, executes the shader code directly on the system's graphics card. While this may make graphics rendering simpler, it does however make a space for the exploitation. If the graphics card has any in it the system could be breached. This level of vulnerability is something that the Khronos Group, who are the creators of the WebGL standard, have acknowledged the possibility of in the WebGL specifications.

How serious are the potential vulnerabilities? Well, the researchers at Context say that they have been able to create the blue screen of death by using an exploitation that targets the overloading of a graphics card. While some of the current operating systems do have a fail-safe that rests an overloaded graphics card after a few seconds, the blue screen of death can be reached after a certain number of resets.

The flaw could also, according to the researchers, be used to not just create the blue screen of death, but to inject onto the system.

There is no word yet as to whether or not the standard will be changed, or when any changes to the standard would be implemented. Since the problem is already known and published in the standard it may not change at all.

Explore further: Crucial Technology Launches High-Powered Video Card Lineup

More information: Report: www.contextis.com/resources/blog/webgl/

Related Stories

Crucial Technology Launches High-Powered Video Card Lineup

July 7, 2004

New graphics card line features the much-anticipated Crucial RADEON X800 Pro Meridian, Idaho, July 7, 2004 – Crucial Technology, a division of Micron Semiconductor Products, Inc. which is a wholly owned subsidiary of Micron ...

Samsung Develops Ultra-fast Graphics Memory

February 14, 2006

Samsung Electronics announced that it has developed the world’s fastest graphics memory - a GDDR4 graphics DRAM chip with much faster processing than an earlier version that Samsung led the industry in prototyping only ...

Superior 3D Graphics for the Web a Step Closer

September 22, 2009

(PhysOrg.com) -- The development of improved three-dimensional graphics in Web-based applications took a step forward recently, when programmers began building WebGL into the Mozilla Firefox nightly builds, and into WebKit, ...

Recommended for you

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.