

New graphics engine imperils users of Firefox and Chrome - fvbock
http://www.theregister.co.uk/2011/05/11/chrome_firefox_security_threat/

======
extension
I'm not surprised. Video drivers are big, complicated and buggy. They are
developed within very tight performance and time constraints and have had
little reason to think about security until now. Exposing a large part of them
to the public internet is begging for trouble.

On the other hand, if it's ever going to happen, it will probably take a few
embarrassing public incidents to make the vendors change their priorities.

~~~
imurray
Agreed (at least to the first part). The same argument has been made about the
new web font technologies.

http://hackademix.net/2010/03/24/why-noscript-blocks-web-fonts/

 _"It really worries me that the FreeType font library is now being made to
accept untrusted content from the web. The library probably wasn’t written
under the assumption that it would be fed much more than local fonts from
trusted vendors who are already installing arbitrary executable on a computer,
and it’s already had a handful of vulnerabilities found in it shortly after it
first saw use in Firefox."_

------
code_duck
"In Chrome, get to the command line of your operating system and add the
--disable-webgl flag to the Chrome command. "

Wow, this should do a nice job of confusing everyone.

------
stianan
Could this have anything to do with VUPEN's recent Chrome exploit?

~~~
blocke
"Could this have anything to do with VUPEN's recent Chrome exploit?"

Is this going to be the standard post for every Chrome fix from this point
forward? The only people who we know for sure would know ain't talking. ;)

~~~
stianan
I get your point. However, this isn't a fix, it is, according to the article,
a vulnerability that allows "remote execution of malicious code". People who
know WebGL better than I do would probably know more about what specific
exploits it facilitates.

~~~
JoeAltmaier
That's pretty much every attack - the holy grail of malicious code.

------
prewett
GL_ARB_robustness? I thought this might be satire or something, but it
actually exists:

    http://www.opengl.org/registry/specs/ARB/robustness.txt

Apparently it does the same thing for OpenGL that strncpy does for strcpy.

~~~
palish
You mean strcpy_s?

~~~
owenmarshall
OpenBSD po-ta-to, Windows po-tah-to.

~~~
palish
It was tongue-in-cheek. I think it's silly that Microsoft adds "_s" to a lot
of the standard functions; it makes porting more difficult.

Of course, it was sillier not to write "strcpy" as strcpy(dest,maxSize,src)
from the beginning. And "memcpy" as memcpy(dest,maxSize,count,src). But I
guess whoever wrote those wasn't really expecting them to be one of the most
frequently used functions in computer programming history...
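
Added example (not part of the thread, and not code from any library): a size-aware copy with the `strcpy(dest, maxSize, src)` shape suggested in the comment above, next to the `strncpy` behaviour it would replace. The names `bounded_strcpy`, `is_terminated` and `strncpy_terminates` are hypothetical, and the input strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical size-aware copy shaped like strcpy(dest, maxSize, src).
 * Always NUL-terminates dest when max_size > 0.
 * Returns 0 on a full copy, 1 if src was truncated, -1 on bad arguments. */
int bounded_strcpy(char *dest, size_t max_size, const char *src)
{
    size_t i;

    if (dest == NULL || src == NULL || max_size == 0)
        return -1;
    for (i = 0; i + 1 < max_size && src[i] != '\0'; i++)
        dest[i] = src[i];
    dest[i] = '\0';
    return src[i] == '\0' ? 0 : 1;
}

/* Returns 1 if buf holds a NUL within its first size bytes, else 0. */
int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* strncpy into an 8-byte buffer: when src is 8 bytes or longer, no NUL
 * is written, so the result is not a valid C string. Returns 1 if the
 * buffer ended up terminated, 0 if it did not. */
int strncpy_terminates(const char *src)
{
    char buf[8];

    memset(buf, 'X', sizeof buf);
    strncpy(buf, src, sizeof buf);
    return is_terminated(buf, sizeof buf);
}

int main(void)
{
    char buf[8];
    const char *long_src = "constructed-long-input"; /* constructed sample */
    int rc;

    printf("strncpy terminated: %d\n", strncpy_terminates(long_src));
    rc = bounded_strcpy(buf, sizeof buf, long_src);
    printf("bounded_strcpy rc=%d buf=\"%s\"\n", rc, buf);
    return 0;
}
```

The return code lets the caller treat truncation as an error instead of silently continuing with a shortened string.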

------
wccrawford
Imperils? No. Leaves another possible angle of attack for hackers? Sure. But
then, every feature does.

If you want to be safe, use Links on OpenBSD. If you want to browse the web in
style, use Chrome and Firefox.

~~~
palish
Erm... "Lynx"

 _whistles innocently_

~~~
wccrawford
Okay, I'll bite. Why is Lynx better than Links? I was under the impression
that Links was the newer one, though I hadn't done much research.

~~~
palish
I had no idea that there was a "Links". I thought he meant "Lynx", but
misspelled it.

Now I want to write an operating system and name it "Debyan".

------
chadaustin
This is a _good_ thing. Graphics drivers are so ridiculously terrible that the
pressure to fix them needs to come from somewhere. IMVU's top reported crash
is access violations inside of Direct3D. Mass-market 3D is a pain in the ass
because of this situation, and Intel, Microsoft, NVIDIA, and AMD aren't doing
anything about it.

