OK now I’m getting pissed off. This security crap just won’t go away.
Gregg Tavares, Chrome developer, discovered that Silverlight has the same security vulnerability as WebGL. Benoit Jacob, WebGL guru at Mozilla, even filed a bug with Microsoft about it. Cool… the cat is out of the bag. But I wouldn’t hold my breath waiting for Microsoft to change its position.
Turns out that Unity, Molehill, etc. also are likely to have similar security problems. News flash: graphics hurt. But no pain, no gain. And yet, the FUD continues to fly.
Jon Peddie said it succinctly: any graphics technology is going to have these issues, and the industry needs to manage the situation as developers inevitably adopt 3D on the web. (Yes: I said inevitably. Suck on that.) Regardless, he calls the question: should we kill this thing before it grows? I know he is being rhetorical but the scary thing is, the blogosphere is easily swayed and someone needs to fight the FUD. Bully, Jon! Keep ’em flying.
The truth is, all 3D applications come with elevated security risk because they tap into lower-level hardware. “But this is on the web,” you say, the implication being that it makes the situation inherently more dangerous. Well, these days, most 3D games run on a network so don’t go crying that this is different. It’s close enough to the same that it’s the same: bits on screen powered by random code susceptible to tampering by nefarious agents. We’ve been fighting this fight for years; we know how to do it. The real deal is, consumers either want rich experiences– and by rich, I mean real 3D not bullshit 3D– or they don’t. And if they do, the market will power through any obstacles in its path.
Web 3D is inevitable. (There, I said it again.) The history of media is the history of a rise in production value. Production value has nowhere else to go… but 3D.
Kill WebGL? You might as well kill graphics. You’re welcome to try.