Risky Business #221 -- Browser GFX security with Ben Hawkes

Does the hype match the reality?
25 Nov 2011 » Risky Business

In this week's feature interview we're chatting with Google's Ben Hawkes about the risks posed to browsers by new developments in the way they handle graphics. WebGL and Flash Stage3G allow Websites easy access to graphics cards but introduces a bunch of potential security issues. What if there's a bug in your graphics card driver? Can you then exploit that through the browser?

That, for want of a better word, would be... bad.

It's a topic that's been picking up a bit of coverage over the last six months or so, but is it overhyped?

In this week's sponsor interview we're hearing from Eddie Schwartz the Chief Security Officer of RSA security. We're chatting to him about the notion that keeping attackers out of networks just isn't realistic anymore. CSOs need to cop to that fact, Eddie says, and start looking at some fresh approaches.

We have a good chat about some of the Jericho Forum's security principles [totally legit PDF], too, and how consumer devices entering the enterprise is actually driving a deperimiterisation approach to infosec.

Adam Boileau, as always, drops in for the week's news headlines!