Tuesday, June 21, 2011
It's finally coming true
Khronos actually has a web page which is a PoC for causing a denial of service.CAUTION: This will probably crash your system. You have been warned.
Interestingly enough, another issue is the stealing of images. Context show a video of using the WebGL to basically scan an image line by line (its not that easy, but I am trying to get you to read their article), therefor ripping it from a site. I wonder if this could be used to snag those images used in mobile banking? How about 'watermarked' images?
Another indicator as to the potential danger of this, Microsoft does not seem to want to implement WebGL on IE (or at least by default as far as I can see) because of these very concerns. However, Chrome and Mozilla have it in their browsers.
It's crazy to think about all the ways a hacker can now pwn a system. My interest in this one is: what forensic artifacts (if any) would remain on the machine if this was used? Memory? Would we now have to somehow read the GPU to see what is in there?
An analysts job is never done.