AAPL Stock: 117.81 ( -0.22 )

Printed from

WebGL standard riddled with security vulnerabilities?

updated 03:25 pm EDT, Tue May 10, 2011

Standard blasted by security researchers

Security research firm Context has issued a report criticizing WebGL, the 3D graphics standard used in popular browsers such as Firefox, Chrome and Safari. The report points to several serious vulnerabilities that are said to leave systems open to attacks. Experimental exploits reportedly used malicious code to gain access to a computer's core operating system.

These issues are inherent to the WebGL specification and would require significant architectural changes in order to remediate in the platform design," Context's James Forshaw wrote in a blog post. "Fundamentally, WebGL now allows full (Turing Complete) programs from the internet to reach the graphics driver and graphics hardware which operate in what is supposed to be the most protected part of the computer (Kernel Mode)."

Forshaw suggests that WebGL is not "ready for mass usage," and users should consider disabling the standard in browsers. The research firm points out that Firefox 4 and Chrome enable WebGL by default, while Safari leaves it as an option that can be turned on if needed.

The Khronos Group, an industry consortium that oversees WebGL development, responded to Context's criticisms, claiming that the standard had already been improved to protect against some of the vulnerabilities. The group placed part of the blame on graphics card manufacturers for not releasing updated drivers to help protect systems.

by MacNN Staff



  1. B9bot

    Joined: Dec 1969


    I don't see an option in Safari to turn on WEBgl

    I've looked through all of the options in Safari preferences and there is no option for WEBgl.

  1. Integr8d

    Joined: Dec 1969


    No Safari WebGL...

    Because Apple hasn't figured out how to repackage it into something 'magical'.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented