Security firm issues warning over insecure browser games

Share

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the PC Gamer Newsletter

Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Every Friday

GamesRadar+

Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.

Signup +

Every Thursday

GTA 6 O'clock

Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.

Signup +

Every Friday

Knowledge

From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.

Signup +

Every Thursday

The Setup

Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.

Signup +

Every Wednesday

Switch 2 Spotlight

Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.

Signup +

Every Saturday

The Watchlist

Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.

Signup +

Once a month

SFX

Get sneak previews, exclusive competitions and details of special events each month!

Signup +

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Games which are developed using WebGL and are designed to run in a web broswer are leaving your PC open to back door hackers, according to consultants at Context Information Security , who claim to have found "serious flaws" in the design of the platform which is designed to give streaming games control of local resources on your PC.

The problem, according to Context, is that graphics drivers simply haven't been written to allow remote access.

“The risks stem from the fact that most graphics cards and drivers have not been written with security in mind so that the interface they expose assumes that the applications are trusted,” says Michael Jordon, Research and Development Manager at Context. “While this may be true for local applications, the use of WebGL-enabled browser-based applications with certain graphics cards now poses serious threats from breaking the cross domain security principle to denial of service attacks, potentially leading to full exploitation of a user's machine.”

Many pundits reckon that streaming games will all but replace traditional DVDs and hard drives before too long, but revelations of a serious security hole in one of the most promising ways of getting immersive worlds from a web server onto your PC raise concerns.

All is not lost for the browser-based dream, however. WebGL is promising because it's part of the family of OpenGL APIs from the Kronos Group and works well with HTML 5, the sett of web standards which most think will define online interactivity in the future. It's not actually very popular at the moment though, with a Quake 2 port probably the most interesting WebGL game out there. Most well known browser games, like Runescape or Battlestar Galactica use Flash or Unity (respectively) which aren't subject to the same risks.