Are Browser Games Secure?
Posted on August 28, 2011 at 1:02 pm by Donna WarrenIt appears that games built using Web Gl are leaving your PC open to back door hackers. Engineers at Context Information Security have found security flaws when the games are designed to take control of local PC resources.
“The risks stem from the fact that most graphics cards and drivers have not been written with security in mind so that the interface they expose assumes that the applications are trusted,” says Michael Jordon, Research and Development Manager at Context. “While this may be true for local applications, the use of WebGL-enabled browser-based applications with certain graphics cards now poses serious threats from breaking the cross domain security principle to denial of service attacks, potentially leading to full exploitation of a user’s machine.”
Basically the problem lets hackers execute malicious code that can attack the graphics drivers and make the machine unusable. “These issues are inherent to the WebGL specification and would require significant architectural changes in order to remediate in the platform design,” security researcher James Forshaw wrote in the Context advisory.
However, the OpenGL APIs designed to work with HTML 5 are being designed to correct this problem.