WebGL in Firefox 4 & Google Chrome puts users at risk

Worth reading…

Thanks, Radaghast

That was indeed worth reading
Cheers!

Thanks for the information provided Radghast it really detailed.

The issue is fixed in the latest FF version 5.0

http://www.mozilla.com/en-US/firefox/5.0/releasenotes/

Moreover re: Fox v4, as far as I know, starting from v2.1.1.1 NoSript addresses WebGL exploitation issue

*** added ***
anyway Fox was just updated here to v5 :slight_smile:

Cheers!

And this is why I will never install firefox anymore. This is just a huge disaster waiting to happen. At best, the OS can kill the driver during a DoS attack. At worst, memory corruption leading to a kernel panic. It’s a loophole in security big enough to drive a truck through it.

You have drivers which were not written against such attacks. Drivers are notoriously difficult to write. Let alone against such attacks. . .

This was posted quite a while ago and it didn’t just affect firefox, Chrome was also at risk from the same exploits. Also, don’t forget that Opera has been working on implementing WebGL and Apple has iOS 5 with WebGL, which will, in all likelihood, end up in Safari. It’s only Microsoft, again, that haven’t adopted the technology. They do, however, face the same problems with their upcoming 3D interface technology.

Regardless, since these issues were discovered, much work has been done, WebGL has been updated and these changes have found their way into firefox 5 and recent editions of Chrome. There’s still more to come, too. Once CORS gets full approval, things will get even better.

In the end, you can simply disable WebGL…