Microsoft refuses to endorse WebGL, labels it ‘harmful’

By Tom Warren, on 16th Jun 11 5:27 pm with 135 Comments

Microsoft said on Thursday that it refuses to endorse WebGL from a security perspective.

The strong words came directly from Microsoft’s own security research and defines team. Microsoft’s MSRC engineering team has been analysing WebGL recently and concludes that Microsoft products supporting WebGL would “have difficulty” passing the company’s own Security Development Lifecycle requirements. The software giant highlighted the following concerns in a blog post on Thursday:

  • Browser support for WebGL directly exposes hardware functionality to the web in a way that we consider to be overly permissive
  • The security of WebGL as a whole depends on lower levels of the system, including OEM drivers, upholding security guarantees they never really need to worry about before. Attacks that may have previously resulted only in local elevation of privilege may now result in remote compromise. While it may be possible to mitigate these risks to some extent, the large attack surface exposed by WebGL remains a concern. We expect to see bugs that exist only on certain platforms or with certain video cards, potentially facilitating targeted attacks.

  • Browser support for WebGL security servicing responsibility relies too heavily on third parties to secure the web experience
  • As WebGL vulnerabilities are uncovered, they will not always manifest in the WebGL API itself. The problems may exist in the various OEM and system components delivered by IHV’s. While it has been suggested that WebGL implementations may block the use of affected hardware configurations, this strategy does not seem to have been successfully put into use to address existing vulnerabilities.It is our belief that as configurations are blocked, increasing levels of customer disruption may occur. Without an efficient security servicing model for video card drivers (eg: Windows Update), users may either choose to override the protection in order to use WebGL on their hardware, or remain insecure if a vulnerable configuration is not properly disabled. Users are not accustomed to ensuring they are up-to-date on the latest graphics card drivers, as would be required for them to have a secure web experience. In some cases where OEM graphics products are included with PCs, retail drivers are blocked from installing. OEMs often only update their drivers once per year, a reality that is just not compatible with the needs of a security update process.

  • Problematic system DoS scenarios
  • Modern operating systems and graphics infrastructure were never designed to fully defend against attacker-supplied shaders and geometry. Although mitigatinos such as ARB_robustness and the forthcoming ARB_robustness_2 may help, they have not proven themselves capable of comprehensively addressing the DoS threat. While traditionally client-side DoS is not a high severity threat, if this problem is not addressed holistically it will be possible for any web site to freeze or reboot systems at will. This is an issue for some important usage scenarios such as in critical infrastructure.

Microsoft believes that WebGL will become an “ongoing source of hard-to-fix vulnerabilities” in its current form. The software maker says that, in its current form, “WebGL is not a technology Microsoft can endorse from a security perspective.” The company recognises the need to provide solutions for WebGL but says that its goal is that such solutions are “secure by design, secure by default, and secure in deployment.”

WebGL (Web-based Graphics Library) is a new software library that extends JavaScript to allow 3D interactive graphics within any compatible browser. Mozilla Firefox, Google Chrome and upcoming versions of Safari and Opera all support WebGL. The software library is managed by non-profit technology consortium Khronos Group.

  • Shane Phillips

    If Microsoft decide not to support WebGL they will just keep losing marketshare to Firefox and Chrome.

    • Test1ngi23

      You’d think Dean Hachamovitch would have figured that out by now.

    • Anonymous

      Dean killed Clippy, so he has done more then what is expected of a man.

    • http://twitter.com/efjay01 Ef Jay

      What is the fascination with internet explorer marketshare? Its a free product and its not as if using a competitors browser affects pc sales, its not as though using Opera takes away from pc use, its actually being used on a PC. I use IE, it works and I’m out, others use their choice of browser, why all the fuss? 

    • Test1ngi23

      Because as a web developer, I would like you to see my WebGL animations but if you’re using IE, you wouldn’t be able to view it. I don’t want to have to redo my animation from scratch in Silverlight just because Microsoft can’t write secure OpenGL drivers.

    • http://twitter.com/efjay01 Ef Jay

      If IE marketshere is declining then its less of a problem for you, isnt it? The majority of users will be able to see the site so I still dont see why this is always being portrayed as some huge loss for Microsoft. And are Microsoft the ones writing graphics card drivers or the card vendors themselves? From the MS blog post it would seem its the problem with video card makers having to make secure drivers thats the problem with webgl.

    • http://twitter.com/efjay01 Ef Jay

      If IE marketshere is declining then its less of a problem for you, isnt it? The majority of users will be able to see the site so I still dont see why this is always being portrayed as some huge loss for Microsoft. And are Microsoft the ones writing graphics card drivers or the card vendors themselves? From the MS blog post it would seem its the problem with video card makers having to make secure drivers thats the problem with webgl.

    • Test1ngi23

      In the perfect world, IE marketshare would hit 0%, but in the real world, that would never happen. To many ignorant people on the internet. You are right though, it might be the card makers that don’t have good OpenGL drivers but I feel that MS can do a lot more to help the situation than to give up and say no to WebGL. A company as large as Microsoft can probably try harder.

    • Guest

      “In the perfect troll world, IE marketshare would hit 0%”

      Fixed it for ya.  

    • Test1ngi23

      Sorry, that was speaking from a web developer’s perspective. Find me one web developer on all of the internet that doesn’t work at MS, that prefers IE, then I’ll admit it was a troll comment.

    • http://twitter.com/furdworetzky Fur Dworetzky

      Well, I’m a web developer who doesn’t work at MS who prefers IE.

      Guess that wasn’t so hard…

    • Test1ngi23

      Do you have any links to prove it?

    • http://twitter.com/efjay01 Ef Jay

      Have any links to prove your claims as well?

    • Test1ngi23

      They are intranet sites so I can’t. Instead you can ask any question about web development you can think of. Just one question tinny tiny question. It won’t hurt.

    • Narg

      Require others to provide something that you yourself can’t.  Yep, you’re a troll.  Big green warty ugly troll.

    • Anonymous

      Same, and as a web/software developer, I will not use insecure languages or features. IE9 has been great for me so far.

    • http://www.facebook.com/people/Alex-Gorevski/24403295 Alex Gorevski

      Blanket statements = troll comments

    • Anonymous

      I wouldn’t have said that before IE9 but hands down IE9 is the best browser right now. Chrome would be close if not for its secret updating which rules it out for me.

    • Narg

      *raises hand*

    • Michael

      I am one….
      You are a TROLL…
      End of discussion.

    • Michael

      I am one….
      You are a TROLL…
      End of discussion.

    • Guest

      “To many ignorant people on the internet.”

      Ah, the irony.

    • Justfortherecord

      Break out the ironing board I feel like pressing some shirts

    • Guest

      “I don’t want to have to redo my animation from scratch in Silverlight just because Microsoft can’t write secure OpenGL drivers.”

      Reading comprehension problem? 

    • Test1ngi23

      How come?

    • Aethec

      Microsoft doesn’t write OpenGL drivers, chip makers do.
      And Microsoft has no control on that.
      Just sayin’.

    • No

      Read the article, you will understand…

    • No

      Read the article, you will understand…

    • will

      What does OpenGL have to do with it? And what do drivers have to do with it? Isn’t the concern about direct control of the hardware, as in shaders?

    • Test1ngi23

      Um, maybe because WebGL uses OpenGL? It’s basically a JavaScript binding for OpenGL.

    • Narg

      Javascript?  You just figured out the major security hole.  DUH!

    • Nargg

      Dude, nobody can write secure WebGL drivers.  NOT OpenGL you nit.  Get your “facts” or lack there-of straight.

      HTML 5 can do anything Flash or Silverlight can.  THAT’s what you need to program.  Or are you that dense?

    • Anonymous

      is it microsoft’s responsibility to write openGL drivers or the video card manufacturers? I think that is microsofts concern. THe graphic card manufacturers are going to drop the ball and microsoft is going to get blamed.

    • Guest

      because something like 60% of people’s time is currently spent using the browser. If that becomes Chrome, not IE, then obviously moving away from a  MS OS and towards a Google one, gets that much easier.

    • Aethec

      Hint: The average Joe doesn’t even know what WebGL is, and doesn’t care about using a browser that supports it.

    • ryanpcmcquen

      What a terrible argument, the average user doesn’t know what any technology is, but that doesn’t mean they don’t need it.

    • Aethec

      Please explain how WebGL is needed.
      3D in a browser? 2D + some perspective + transitions is enough to show content in a visually appealing manner.
      If you want to play a game, then download it. The whole “we don’t want to download apps, web apps are better” argument is based on the fact web apps are lightweight. Including OpenGL code in apps means you’ll get the same download size for a website and a game.
      Look at Mozilla’s “Flight of the Navigator” WebGL demo: http://videos-cdn.mozilla.net/serv/mozhacks/flight-of-the-navigator/
      It’s laggy (I have a GeForce 8800 GTS..), and the graphics are ugly (because if they had to make good graphics, it’d kill performance). Also, some features (videos on the various screens) don’t work because Mozilla had to disable a WebGL feature in Firefox…guess why…security reasons! Oops!

    • Test1ngi23

      Because it’ll be platform independent?

    • http://twitter.com/furdworetzky Fur Dworetzky

      You know, platform independence and quality are completely different issues…

      You know what? Looking at your posts makes it completely apparent that you only use this account to troll Winrumors readers.

    • Test1ngi23

      Providing dissenting opinions, backed up with points, is trolling?

    • Anonymous

      Dissenting opinions, backed up with points when talking about Apple/Google/etc. earns the label “hater” and whining about how mean people are towards those companies.

    • Aethec

      And?
      You can use OpenGL for platform-independent games, too. But games are written using DirectX.
      Java is platform-independent. Yet most programs are written in native languages.
      Flash is platform-independent. But nobody likes Flash.

      Get real. The fact something works on more than one platform does not mean we should use it regardless of its flaws.

    • Test1ngi23

      I would think that since the number of different platforms has been growing over the last few years (iPhone, Android, iPad, Playbook, TouchPad, Chrome OS), platform-independence might be more important than it was before.

    • Guest

      Maybe you should pay closer attention then. Because almost all of the ones you mentioned have and are pushing their own development environment.

    • Guest

      LOL. It’s crap and insecure. But it’s “platform independent”. Har har har

    • Anonymous

      Java is platform independent and it too is a security nightmare.

    • Aethec

      Please explain how WebGL is needed.
      3D in a browser? 2D + some perspective + transitions is enough to show content in a visually appealing manner.
      If you want to play a game, then download it. The whole “we don’t want to download apps, web apps are better” argument is based on the fact web apps are lightweight. Including OpenGL code in apps means you’ll get the same download size for a website and a game.
      Look at Mozilla’s “Flight of the Navigator” WebGL demo: http://videos-cdn.mozilla.net/serv/mozhacks/flight-of-the-navigator/
      It’s laggy (I have a GeForce 8800 GTS..), and the graphics are ugly (because if they had to make good graphics, it’d kill performance). Also, some features (videos on the various screens) don’t work because Mozilla had to disable a WebGL feature in Firefox…guess why…security reasons! Oops!

    • ryanpcmcquen

      What a terrible argument, the average user doesn’t know what any technology is, but that doesn’t mean they don’t need it.

    • Anonymous

      Very correct Aethec.  They will know that Firefox, Chrome and Safari will become even more unsafe than they currently are.  I.E. is not perfect, but I’ll take safety over anything anyday on the internet.

    • Test1ngi23
    • Guest

      How does not being tested @Pwn2Own = safe?

    • Nargg

      I.E. 9 is the latest, not 8.  Try again.

    • Anonymous

      Wasn’t there some news about a huge flaw in Chrome a bit back?

    • Guest

      At multiple contests, hacking Chrome wasn’t even ATTEMPTED. Also search for various forms of 14,000 dollars and Chrome security on Linuxtoday.com and you’ll find at least one article about Chrome’s security flaws. Unfortunately many journalists/bloggers have said “it wasn’t hacked” when that’s not accurate, it just hasn’t been tried at the contests. There have been a number of serious flaws in Chrome over the years and Google have paid out the bug finders. Also Chrome isn’t open source, sure Chromium is but it doesn’t include Flash and some other stuff which make it harder to use compared to Chrome. Secondly, if you are all about personal information-mining people’s privacy then you can’t deliver security to end-users with all the collection of information which has been proven to identify people and de-”anonymize” them time and time again.

      I did not say anything about any other browser/company/foundation, so just take it as information.

    • Pacific

      Yes, until their computer is hacked and personal information is breached.  Then we could all say  I TOLD YOU SO.

    • Pacific

      I meant to type compromised and not breached.

    • Guest

      That’s going to happen regardless.

    • Anonymous

      Firefox and Chrome could end up losing marketshare when WebGL is hacked 10 billion ways over.

    • http://www.facebook.com/people/Alex-Gorevski/24403295 Alex Gorevski

      I hope that Firefox and Chrome support it, *just* for this reason.

  • http://twitter.com/ondraster Ondra Moravek

    It feels like they have a point IMHO.

    • Test1ngi23

      But alas, it was just a feeling. ;)

    • Test1ngi23

      But alas, it was just a feeling. ;)

    • James Butler

      Fortunately, their hair covers it …

  • Test1ngi23

    …Or… maybe WebGL/OpenGL competes with DirectX and Microsoft just can’t have that! Competition = Bad!

    • Asshat

      …Or…maybe…you’re a hater with nothing better to do than troll MS-related news sites and see everything MS does =Bad!, whether it is or not.

    • Test1ngi23

      Or maybe I’m a web developer that has to put up with all the sh*t that IE 6/7/8 gives me every single day. Maybe I care that I’m going to have to put up with some more sh*t from IE10 too.

    • Anonymous

      Or maybe you’re a web developer that thinks you’re required to create for 6/7/8 when you’re not! Try developing to current standards and if legacy users don’t like it, let them upgrade from a link on your site to all browsers. Totally works for me and that’s what I do. If you’re shackled to developing for a corporate user that can’t upgrade their apps yet, then you SOL and maybe it’s time to break out the resumes!

    • Anonymous

      Or maybe you’re a web developer that thinks you’re required to create for 6/7/8 when you’re not! Try developing to current standards and if legacy users don’t like it, let them upgrade from a link on your site to all browsers. Totally works for me and that’s what I do. If you’re shackled to developing for a corporate user that can’t upgrade their apps yet, then you SOL and maybe it’s time to break out the resumes!

    • Test1ngi23

      True! But I just hoped and prayed everyday that the days of browsers having major discrepancies would some day be over. Now it appears that that won’t happen any time in the foreseeable future.

    • Anonymous

      It isn’t the fault of IE though that it isn’t implementing non HTML standards. The other browsers are the ones implementing non standard functionality (and un finished api.. exactly what people hated about ms they love about chrome/ff)

    • Guest

      Your desire for simplicity to make your job easier, doesn’t negate MS’s need to ensure security for its customers. The industry doesn’t exist for your pleasure. If you can’t hack it, quit.

    • Test1ngi23

      If Mozilla, Apple, Opera, and Google can do it, why can’t Microsoft?

    • Keithfranklin

      Its like this. The hackers like to go after big bad Microsoft. So MS is the most concerned about Security.  The hackers tend to let Mozilla, Opera, Google and Apple alone more. That has started to change with Apple and Apple is moving slow on that front.

    • Keithfranklin

      Its like this. The hackers like to go after big bad Microsoft. So MS is the most concerned about Security.  The hackers tend to let Mozilla, Opera, Google and Apple alone more. That has started to change with Apple and Apple is moving slow on that front.

    • The Dude

      Simple… Microsoft software powers the majority of
      corporate IT and they don’t have the luxury to rollback bad decisions with
      the frequency the other companies you mention do…
      http://news.softpedia.com/news/Mozilla-Disables-Cross-Domain-WebGL-Textures-over-Security-Concerns-205278.shtml

    • The Dude

      Simple… Microsoft software powers the majority of
      corporate IT and they don’t have the luxury to rollback bad decisions with
      the frequency the other companies you mention do…
      http://news.softpedia.com/news/Mozilla-Disables-Cross-Domain-WebGL-Textures-over-Security-Concerns-205278.shtml

    • James Butler

      Webkit, et al don’t get the same hooks into the hardware that MSIE does. This is an issue with the way hardware hooks are secured in the Windows environment. This is an MSIE issue.

      If you really still need to support MSIEv6, this doesn’t affect that task, as there is no way writing an app that uses WebGL will be able to run on MSIEv6, anyway.

      Focus the fancy on the current players, while providing a fall back to those who can’t see your bling. I’ve never met a corporation that insisted that 3D graphics and 2011-style dynamic scripts function perfectly in their Netscape v2.5 browsers. Any individual who still uses old gear doesn’t expect the bling, anyway, so as long as they can do their shopping (or whatever), they’re happy.

      Focus on what you MUST do, not on what you WISH you could do.

    • Aethec

      “Webkit, et al don’t get the same hooks into the hardware that MSIE does.”
      Wrong. IE uses DirectX ; WebKit could be modified to use DirectX.
      Of course, it’d mean having to maintain more code in the name of cross-platform compatibility.

    • James Butler

      Wrong. Webkit does NOT have the same hooks into the Windows OS (ergo, its relationships with the hardware) as MSIE does. Anyone who knows anything knows that is true. Here, let me help you with a little demo … uninstall any Webkit product. Okay? Now uninstall MSIE. Get it? It has nothing to do with DirectX. That’s just a conduit.

    • mwstark

      Alright.  I just uninstalled IE (Windows 7).  What’s your point again?

    • Test1ngi23

      True! But I just hoped and prayed everyday that the days of browsers having major discrepancies would some day be over. Now it appears that that won’t happen any time in the foreseeable future.

    • Lex

      If you’re a true client focused web developer, you develop your sites to the exact wishes of the clients. The vast majority of corporate clients are simply not interested in the specifics of standards and non-compliance, they want their site to be viewable on as many browsers and systems as possible.

      If I went back to my clients and told them “stuff legacy users, they can upgrade” – I can assure you my clients would say “stuff you” and take their business else where.

      If you find yourself in these situations, you will fully appreciate anyone complaining about IE non-compliance!

    • Guest

      Actually, your comment shows how idiotic it is to complain about it as accomodating legacy is an inherent part of dealing with enterprise IT.

    • Guest

      Actually, your comment shows how idiotic it is to complain about it as accomodating legacy is an inherent part of dealing with enterprise IT.

    • Renzo

      I know for a fact that you’re no web developer.

      Case in point: Who the hell targets IE6?

      Quit making junk up, kid, and go eat you some troll cakes.

    • Test1ngi23

      How the hell did you come to that conclusion? Ask me any thing about web development motherf*cker!

    • http://www.facebook.com/people/Alex-Gorevski/24403295 Alex Gorevski

      Look at the way you troll posts on a website dedicated to Microsoft announcements / rumors.  Even if you ARE a web developer, I wouldn’t want anything to do with you or your web development.

    • Test1ngi23

      True, I guess his blind assumption is wiser in this case!

    • Trollaliasdujour

      Maybe before you fill in your demonstrably inadequate
      programming knowledge and spelling skills, you might want to work on your
      social ones?

    • Test1ngi23

      You are right. I apologize.

    • Test1ngi23

      You are right. I apologize.

    • Renzo

      I know for a fact that you’re no web developer.

      Case in point: Who the hell targets IE6?

      Quit making junk up, kid, and go eat you some troll cakes.

    • http://twitter.com/maffyoot matthew taylor

      that comment proves beyond doubt that you ain’t got a clue what you are talking about. Leave the serious discussions to the grown ups. can’t you go away and create a stylesheet?

    • Test1ngi23

      I take it you’ve never wrote a webpage in your life. You know there’s a reason why web developers don’t like IE right?

    • http://twitter.com/furdworetzky Fur Dworetzky

      Because they’re incompetent and don’t know about doctypes?

    • Aethec

      THIS.
      “I’ve got a problem! IE is so bad it doesn’t render my website properly!”
      “Did you put a doctype?”
      “No, why?????”

    • Anonymous

      This site is hilarious. It’s like this huge joke where MS fanboys actually exist and defend IE6!

    • Test1ngi23
    • Anonymous

      I have wrote webpages, and I can say that early versions of all the other browsers — Firefox, Opera, Safari, Chrome — also had standards problems. They only started shaping up when IE did, when IE7 was released. IE6 in fact supported many standards that Firefox 2 didn’t, like inline-block support. In order to get that working on Firefox you’d have to use a hack. There are several webpages where I had to use hacks for *every single browser* to get it to display the same on each one of them.

      The only reason the other browsers have better reputations is because the companies crowed about how IE didn’t follow standards, while avoiding scrutiny of their own. This was in part good — it helped push the entire industry towards adopting standards. But in part, it was dishonest and hypocritical

    • Anonymous

      I have wrote webpages, and I can say that early versions of all the other browsers — Firefox, Opera, Safari, Chrome — also had standards problems. They only started shaping up when IE did, when IE7 was released. IE6 in fact supported many standards that Firefox 2 didn’t, like inline-block support. In order to get that working on Firefox you’d have to use a hack. There are several webpages where I had to use hacks for *every single browser* to get it to display the same on each one of them.

      The only reason the other browsers have better reputations is because the companies crowed about how IE didn’t follow standards, while avoiding scrutiny of their own. This was in part good — it helped push the entire industry towards adopting standards. But in part, it was dishonest and hypocritical

    • Trythatonforsize

      I believe you have no idea what you are talking about.  Test1ngi23 is a troll.

  • http://twitter.com/mdtauk martin anderson

    If any company is going to be cautious about security, its Microsoft…

    • Anonymous

      Considdering the amount of users with below average knowledge you’re absolutely correct, Microsoft has done a great job the last 5 or so years to secure their products, these days the biggest problem is 3rd party software such as Adobe Acrobat that is the big problem, so I can understand that Microsoft doesn’t trust 3rd party companies.

  • http://ahylianhuman.me Rod Davis

    Honestly, who uses WebGL for a real purpose, anyways? All I see are fancy looking tech demos with it. Correct me if I’m wrong, though.

    • Anonymous

      That’s how HTML5 elements started out too, and now we’re seeing bits of them popping up all over the place. Of course it has a real-world use case, otherwise it wouldn’t have seen any development.

  • http://ahylianhuman.me Rod Davis

    Honestly, who uses WebGL for a real purpose, anyways? All I see are fancy looking tech demos with it. Correct me if I’m wrong, though.

  • Anonymous

    I will continue to use IE9 :) Thanks

    • Guest

      MS worried about security…..LOL!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!  It like a reallyfat girl worrying if her butt looks big in her new jeans.

    • zzz

      “ongoing source of hard-to-fix vulnerabilities”  yes they prefer easy to fix vulnerabilities so they can release security updates every other day!  Job security for MS programers!  
      “relies too heavily on third parties to secure the web experience”  MS creates the third party security software industry thanks to windows.

    • Guest

      Yes where was their concerns for the last 20 years.

    • Anonymous

      What the hell have you been smoking? Windows is a more secure OS and IE a more secure browser than OS X. Always has been. That’s been proven at Pwn2Own hacking conventions where Apple’s software always goes down first. In fact, Apple’s own security guru and expert hacker flat out states that Windows and IE are more secure than OS X and Safari.

      Microsoft has always been concerned about security. You’re just too ignorant to know. Apple doesn’t get targeted by malware and virus creators because their market share is irrelevant. Although that’s starting to change, and Apple’s response is pathetic. They’ve don’t even have 6% of the market.

      Your ignorance is downright dangerous.

    • Anonymous

      What the hell have you been smoking? Windows is a more secure OS and IE a more secure browser than OS X. Always has been. That’s been proven at Pwn2Own hacking conventions where Apple’s software always goes down first. In fact, Apple’s own security guru and expert hacker flat out states that Windows and IE are more secure than OS X and Safari.

      Microsoft has always been concerned about security. You’re just too ignorant to know. Apple doesn’t get targeted by malware and virus creators because their market share is irrelevant. Although that’s starting to change, and Apple’s response is pathetic. They’ve don’t even have 6% of the market.

      Your ignorance is downright dangerous.

  • Anonymous

    I will continue to use IE9 :) Thanks

  • http://twitter.com/musesum Warren Stringer

    Tis sad news. Have been developing on the iOS platform since the first iPhone came out and was hoping that WebGL would enable interactive 3D content to be deployed equally to Android and WinMo. Instead, it’s back to: iOS first, Android second, and then maybe WinMo. 

  • http://twitter.com/musesum Warren Stringer

    Tis sad news. Have been developing on the iOS platform since the first iPhone came out and was hoping that WebGL would enable interactive 3D content to be deployed equally to Android and WinMo. Instead, it’s back to: iOS first, Android second, and then maybe WinMo. 

  • phil jay

    Like this decision. Webgl is way too low level for something js. I don’t want to use c like apis in a dynamic language that *should* be as syntax-sweet as ruby.

  • phil jay

    Like this decision. Webgl is way too low level for something js. I don’t want to use c like apis in a dynamic language that *should* be as syntax-sweet as ruby.

  • http://10centmail.com 10centmail.com

    Is anyone using WebGL?

  • Haha

    MS is already sporting 60 fps with HTML5 on IE9. Maximum FPS I get on any other browser that does webGL is around 30.

  • Haha

    MS is already sporting 60 fps with HTML5 on IE9. Maximum FPS I get on any other browser that does webGL is around 30.

  • Anonymous

    Seems very logical to me. They didn’t rule it out, just said it isn’t secure enough in its current state. Their reasons seemed very well expressed.

  • Renzo

    For the newbies: WebGL is to Silverlight, what OpenGL is to DirectX (i.e. – a direct threat to Microsoft)

    I’m all for WebGL on non-Windows platforms, but seriously, Silverlight will always be a first-class citizen in Windows to anything that Khronos delivers, just like DirectX.

    That’s really what all this is about; but Microsoft does bring up a very, very good point.

    • Aethec

      Uh…do you know what Silverlight does?
      It’s got nothing to do with what WebGL does.

    • Renzo

      Read this: http://vl.kamibu.com/2011/01/why-webgl/
      Then amend that (good) info with the Silverlight 5 strategy: http://www.techspot.com/news/41403-microsoft-announces-silverlight-5-with-hardware-acceleration.html

      By the time WebGL becomes a standard, and it may never without Microsoft’s support, all the other techs will be way ahead.

      Stay informed, my friend.

  • Paul B

    *webdev who’s given up on completely on IE* Seriously who cares what MS does any more they are the new IBM! I’ll all ways bet on the masses behind then the Goliath in front!

    • Guest

      hey stupid, if you don’t care what MS does anymore, why are you here?

    • Guest

      “I’ll all ways bet on the masses behind then the Goliath in front!”

      All ways? Then instead of than? Maybe you should save your bets and get a refund from your grade three English teacher instead?     

    • Guest

      “I’ll all ways bet on the masses behind then the Goliath in front!”

      All ways? Then instead of than? Maybe you should save your bets and get a refund from your grade three English teacher instead?     

    • Anonymous

      Well,
      you can’t be much of an ‘webdev’ if you have given up on IE! In the end of the day, a ‘webdev’ isn’t programming for himself but for web users and last time I checked, many many many people are surfing the web with IE.

      So, yeah, go ahead and troll some more … ! :)

  • http://twitter.com/joslat Jose Luis Latorre

    mmm why do you care for webGl if it is not even a standard? it goes over the canvas of html5 that also is not a standard… so if you care for standars try to change the w3 that has already taken 6 years just to bring out some html5 specs… and they say it will take 2+ years to release html5…. the real issue here is the W3 and its slow pace of progress…

    there is industry pression to make webgl a standard but it would be good to make it safe before, wouldn’t that be nice? it has been publicly announced and demonstated that it is not safe so it’s clearly true so…

    What’s the point then?

    If you’re with standards, html5 nor webgl are right now. They probably will when they’re more mature (and secure). Then Ms will support them, not before.

  • C Brown

    I always thought it was the job of the industry leader to stick to the industry standards and leave the mod’s to the smaller marketshare browsers (Not the greatest business strategy but its worked so far). If IE does drop below chrome in market share, it will be chromes responsibility to protect and serve the masses and IE can stick to the mods.
    I’m no Web Developer though…

    • S_Noopy

      I don’t know why you’d think that. The history of the industry is often the reverse, with the leader creating their own standard which becomes the defacto one. Losers then sometimes respond with trying to create a “industry standard” hoping to dislodge the leader. That’s not to say there haven’t been good industry standards, or that leaders like MS haven’t provided early support in some cases. But it’s certainly not a pattern. Even Google, who began with the “open industry standards” banner, has selectively ignored it when convenient.

  • Anonymous

    So, Windows is not secure enough for it?

    Hope they optimize the hell out of 2D Canvas so we can at least use something like three.js.

    • Anonymous

      How is it a Windows problem when it gives websites direct access to your hardware?

  • Anonymous

    If WebGL uses openGL then I guess Microsoft is planing to expand their newly announced C++ AMP to be a competitor to WebGL