drjbhl
Ramblings of an old Doc
WebGL Vulnerable to Security Breaches
Published on May 9, 2011 By DrJBHL In Personal Computing

 

 

Big deal. What’s WebGL?

WebGL (Web Graphics Library) is an in development standard specification defining a JavaScript API for writing web applications utilizing hardware accelerated 3D graphics.

So, this is quite upsetting to the makers of Firefox and Chrome and that’s because they use it in all their versions since 4.x and 9.x, respectively. OK, they’ll patch it. Nope. The very architecture of webGL is what makes it vulnerable, and that’s going to make it very hard to fix.

Your antiviral/antimalware protect the usual routes of attack. They don’t protect your graphics card. That’ll be the route of attack…. Haha! Dumb Windows usres! Switch to Mac!

Nope, Windows, Linux and Apple OS’s are all vulnerable – oh yes, the Safari currently under development is vulnerable too.

The flaws researched by UK consultancy Context Information Security are serious enough, the company said, to allow an attacker to compromise the attacked PC through the poorly defended graphics card layer, or at the very least crash the system to make it more vulnerable to exploits.

The company confirmed that it had been able to exploit systems using proof-of-concept attacks with certain graphics cards in a way -- kernel mode -- that breached the most secure ring of an OS. – PCWorld

"The risks stem from the fact that most graphics cards and drivers have not been written with security in mind so that the interface (API) they expose assumes that the applications are trusted," said Context Research and Development Manager Michael Jordan.

Disabling WebGL in Firefox 4

Disabling WebGL varies from browser to browser but in Firefox involves setting a required value to "false" using the “about:config” command.

1. Type about:config in Firefox address bar and continue with warning dialog.

2. Type Webgl in the Filter box double click “ webgl.enabled_for_all_sites”  and set its value to False.

3. Restart Firefox browser, WebGL is now disabled in Firefox 4.

From Techdows.

I’ve looked for instructions on how to do the same for Chrome, but can’t find any… unless you’re a programmer working for Google.

Source: http://www.pcworld.com/businesscenter/article/227434/webgl_hit_by_hardtofix_browser_security_flaw.html


Popular Articles in this Category
Safe and free software download sites for windows
Keep an Eye Out!
A new and more functional PC Manager widget from MS
Popular Articles from DrJBHL
Safe and free software download sites for windows
A new and more functional PC Manager widget from MS
Comments (Page 4)
4 PagesFirst 2 3 4 
46
Uvah
on May 11, 2011

Granuloidalicious.

4 PagesFirst 2 3 4 
Meta
Views
» 36542
Comments
» 46
Category
» Personal Computing
Comment
Recent Article Comments
Let's see your political mem...
LightStar Design Windowblind...
Let's start a New Jammin Thr...
A day in the Life of Odditie...
Safe and free software downl...
Veterans Day
A new and more functional PC...
Post your joy
AI Art Thread: 2022
WD Black Internal and Extern...
Sponsored Links
Terms of Service Privacy Policy About Us Contact Us Stardock.com
© 2024 Stardock Corporation. All rights reserved.
JoeUser v1.0.0.0