Latest in Cert

Image credit:

WebGL flaw leaves GPU exposed to hackers

Share
Tweet
Share
Save

Sponsored Links

Google spent a lot of time yesterday talking up WebGL, but UK security firm Context seems to think users should disable the feature because it poses a serious security threat, and the US Computer Emergency Readiness Team (CERT) is encouraging people to heed that advice. According to Context, a malicious site could pass code directly to a computer's GPU and trigger a denial of service attack or simply crash the machine. Ne'er-do-wells could also use WebGL and the Canvas element to pull image data from another domain, which could then be used as part of a more elaborate attack. Khronos, the group that organizes the standard, responded by pointing out that there is an extension available to graphics card manufacturers that can detect and protect against DoS attacks, but it did little to satisfy Context -- the firm argues that inherent flaws in the design of WebGL make it very difficult to secure.

Now, we're far from experts on the intricacies of low-level hardware security but, for the moment at least, there seems to be little reason for the average user to panic. There's even a good chance that you're not vulnerable at all since WebGL won't run on many Intel and ATI graphics chips (you can check by clicking here). If you're inclined to err on the side of caution you can find instructions for disabling WebGL at the more coverage link -- but come on, living on the cutting edge wouldn't be anywhere near as fun if it didn't involve a bit of danger.

[Thanks, Tony]

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
Tweet
Share
Save

Popular on Engadget

'Free Guy' trailer shows a video game NPC without chains

'Free Guy' trailer shows a video game NPC without chains

View
Porsche tests a four-motor powertrain for electric SUVs

Porsche tests a four-motor powertrain for electric SUVs

View
'The Boys' season 2 teaser hints at more blood-soaked mayhem

'The Boys' season 2 teaser hints at more blood-soaked mayhem

View
OnePlus may return to low-cost phones with the 8 Lite

OnePlus may return to low-cost phones with the 8 Lite

View
Tesla will start charging $10 per month for 'Premium' in-car data

Tesla will start charging $10 per month for 'Premium' in-car data

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr