I was disappointed today to read the headline “Microsoft refuses to endorse WebGL, labels it ‘harmful’,” which itself is derived from a Microsoft security blog post titled “WebGL Considered Harmful,” which itself parrots a security scare report from a few weeks back.
Is WebGL actually harming your computer in any way? I doubt that’s a serious or credible claim. And, frankly, if Microsoft has taken a formal position against WebGL, no one I know got the memo.
It would be an unfortunate position for Microsoft to take, IMO, because it gives the impression that Microsoft runs away from security issues that require some modest technical mitigation.
After all, what is an operating system but a series of security apparatuses coupled with Hardware Access Layers and useful software development APIs on top?
WebGL has the latter two in spades and most of the former, but clearly needs a bit more assistance on the security angle before everyone is “all warm and fuzzy.”
Operating systems and security mitigation are what Microsoft is known for. It’s our bread and butter. Why would we run away from that challenge with such an alarmist attitude of “shut it off, shut it off, it might hurt me!”
I think we would face these potential threats head on, as we’ve always done.
I mean, the exact same graphics hardware that WebGL uses is available to native applications running DirectX or OpenGL on your PC and/or phone. Are we going to ban downloaded games because they might, in some universe of possibilities, harm our computer or cause us to, God forbid, reboot? No. At most we give a security warning that this .exe might be harmful and let you make the choice.
Are we going to ban Chrome and Firefox as “unsafe” if they continue to unabashedly support WebGL? Are we claiming those guys don’t care about security and aren’t working hard to mitigate any remaining issues as soon as possible?
No. That’s not a tenable position, IMO. WebGL will be running on my PC and yours, one way or another. Microsoft will need to deal with it. And more to the point, we can actually help make it much more robust if we engage instead of apparently running away.
I was mainly disappointed in those posts because I recall vividly that it was Internet Explorer’s pioneering work with plugins (specifically ActiveX controls) that helped build the rich interactive web as it exists today. Plugins created capabilities not found in browsers, even to this day. Flash is a native plugin. Silverlight is a native plugin. Google Earth, running in your browser, is a native code plugin. RealVideo, YouTube, and FarmVille would arguably not even exist without plugins (okay, that last one might have been a blessing).
However, ActiveX controls were, at one point, the primary vulnerability for browser-borne attacks on your PC. They are, after all, native code with hardware access that could run malicious operations, perform disk writes, read your personal data and plant viruses. Indeed the MSDN site on ActiveX controls begins with “An ActiveX control can be an extremely insecure way to provide a feature.”
Somehow we survived the existential threat of native code plugins taking over our PCs, or at least we made it through alive. The web prospered in rich user experiences primarily on IE, while the main residual downside of plugins, even today, is that they require user confirmation, code signing, and in some cases circulation of known or suspected threat information among browsers to help block attacks. That’s not ideal, but yet we survived and received the benefits of plugins on the whole.
Well, that’s not to say plugins are all safe. How often does your Flash plugin need to be updated (weekly?) to address vulnerabilities to keep it safe from attacks? If WebGL can help obsolete those security holes, it could actually be in some ways safer than what exists today.
WebGL is not a plugin but rather a “built-in” and it doesn’t ever allow the extreme native access of ActiveX — no disk writes, no main memory access, no CPU code apart from officially signed graphics drivers. A shader can really only affect your graphics hardware and screen output. The most severe vulnerability we know of today is that it might hang your machine. Worst-case solution: reboot.
We can do better. We can require WebGL shaders to be proactively trusted in the same way plugins are trusted and largely avoid the worst threats. We can do even better with code analysis, collaborative filtering, and hardware or OS watchdog timers (e.g., any shader taking more than a fraction of a second can be reset without anyone complaining). Yes, we can. But if the choice comes down to running WebGL or not, I’d live with a popup asking permission to access my graphics hardware, as we do for GPS, camera, etc.
What’s going on?
From the one discussion I’ve had with leaders from IE, I can reassure folks outside Microsoft that this issue is actually about security and doing the right thing for users. It’s not about “GL” vs. “DX” in the name, as some suggest. It’s not about wanting to disrupt any other browsers, as Microsoft has often been accused. These leaders are genuinely concerned about the possibility that someone on a malicious website could use WebGL to disrupt your experience in a serious way, and incidentally that it would appear to be Microsoft’s fault…
Users are not very discriminating in their blame, after all.
Those leaders may not be fully aware of how big a movement WebGL really is and how it is going to transform the web yet again. But the reality is, if Internet Explorer does not support WebGL and WebGL nevertheless becomes the de facto standard for 3D on the web (which it will, IMO), then IE will be in an uncompetitive position to help fix any problems and, moreover, to retain or grow market share relative to other browsers. That would be sad, esp. given how long the product cycles are and how long it would take to course-correct. We could miss the boat entirely.
Now, I own Microsoft stock. I want Microsoft to succeed, and that includes IE. If Chrome, Firefox, and Safari support WebGL on Windows and there are new PC-only vulnerabilities found, do you really think people will blame Google, Mozilla, and Apple and praise IE?
Not a chance. They’ll blame Microsoft. They’ll blame the OS. They’ll blame the company. They’ll blame the logo sitting in the corner of the screen that just went blue or blank and say how “this never would happen on Chrome or OS X.” (ignoring market share)
All Microsoft would likely achieve by not supporting and improving WebGL securely is that the people who could really fix the few remaining issues (driver writers, hardware manufacturers, OS makers) will try less hard and take that much longer than they would with IE and DirectX demanding results.
Meanwhile, IE would potentially lose market share due to popular interactive experiences that are not achievable there. And any sort of weaker “safe” shader-less alternative that IE might conceivably propose in a too-little-too-late DOA standard will make it appear as if IE is trying to disrupt the market, which I don’t believe is their goal. They really want to do the right thing, but it may not be very clear what that is until the Web clearly and audibly demands it.
There is only one way through this maze. The way forward is to address the security issues head on, get IE the most robust implementation of WebGL on the market, and lead the industry to a new level of user experience, including NUI and rich 3D graphics, hand in hand.
Speaking only for myself, as always, I fully intend to use WebGL as one important tool for applications and platforms I develop for Microsoft. That means “wherever it’s supported.” For other cases, we’ll have to use creative fallbacks, lesser functionality, and/or resort to plugins or augmented browsers for cross-browser capabilities once again. Our charter at Bing requires working cross-platform to reach the greatest number of people possible and I don’t see that changing anytime soon.
The kind of experiences we want to deploy are nothing short of revolutionary – 3D for the masses, tying the real world to the information space that surrounds us in our everyday lives. This means phones, PCs, and the like will require the kinds of rich, real-time interactive 3D interfaces that right now only WebGL can offer in a cross-platform, stable, browser-based way.
There is clearly only one direction forward for Microsoft and 3D on the web.
WebGL is the way.