Google Demonstrates Chrome Native Client With Bastion

Multiple readers sent word that Bastion, an action RPG from indie developer Supergiant Games originally made for Xbox Live Arcade, has shown up in the Chrome Web Store. The purpose of the move is to showcase the browser's Native Client technology. From the article: "Ian Ellison-Taylor, Google's director of product management for the open Web platform, said that Native Client, also called NaCl, can currently improve browser performance by 1 to 10 times. 'What would it be like if we could run native code inside the browser,' he asked the crowd, and he enumerated two goals for the Native Client project. He said Google wants to bring native applications to the Web for performance and security reasons, and it wants to enrich the Web ecosystem by bringing popular, long-in-use programming languages to the Web."

Wow, this is so innovative.

This is so revolutionary. Now we can run native applications on our computers! Just imagine the possibilities! Oh, wait. We already can. And they aren't inhibited by some horrid browser-based sandbox.

Re:Wow, this is so innovative.

Actually, these are more like terminals of the past and the "thin clients" that never took off. (And never will.)

I always said, let's give virtualbox tabs, where each tab is a copy-on-write instance of the same virtual machine snapshot. And a URL bar to enter the URL of a application you like to run in that tab. Add modules (like memory snapshots of OSes and libraries) that are cached like in a browser cache today but bigger and more efficient, so programs can use (and share) whatever OS and libraries they like. Optionally, one could offer the option to run that virtualbox like a hypervisor.
Then you have all the speed of native code, but with the sandbox quality of virtualization.
But offer a API/driver that allows clicking on links, in a way that makes it 100% backwards compatible. Because losing *anything* we have now is not an option, if you want people to accept it.

Re:Wow, this is so innovative.

[AmiMoJo]

Considering the difficulty that many users seem to have with noticing those big scary warning messages about how the free screensaver they just downloaded can rape their PC I think offering a sandboxed environment might be a good idea. Microsoft seems to think so too as that is exactly what Windows 8 will offer.

Re:Wow, this is so innovative.

Are you trolling? There are significant key differences between starting an app via NaCl and starting an app that you have to download and install first. And there are significant key differences in the security model that must necessarily follow from that. A sandbox is a good thing.

improving performance by 1 to 10 times

[roman_mir]

can currently improve browser performance by 1 to 10 times

- this reminds me of the quote from the historical documents:

-Good Lord! That's over 5000 atmospheres of pressure!
-How many atmospheres can the ship withstand?
-Well, it was built for space travel, so anywhere between zero and one.

Re:improving performance by 1 to 10 times

[donscarletti]

It's best to take all figures, especially those concerning NaCl with a grain of salt.

Re:improving performance by 1 to 10 times

NaCl with a grain of salt.

It took me a while to get that but it was worth it. Well done.

Re:improving performance by 1 to 10 times

[burni2]

Yes, even an improvement by "1" time is great.

I got a promotion last week, all what I said to my boss was I will do the things in the same way I do them like in the past, nothing less, and well he said then I will promote you to nothing less than in the past and I will increase your sallary by a factor of 1.

Re:Indie = gay

no u

bad idea

[locopuyo]

How would that be more secure? I can only think of things that make it less secure. It is also Satan's anus poised over web standardization.

Re:bad idea

[Qwavel]

I'm guessing they mean that you are more secure now that you can run apps in your browser which you previously had to install into your OS. The privileges enjoyed by an NaCl browser app are really minimal compared to the same app installed with admin on Windows (which is how most users do it).

Regarding web standardization, note that NaCl is nothing like Flash or Silverlight: rather then replacing standard web technologies with proprietary technologies, it is primarily a way to optimize pieces of web technology. You take your bundle of HTML/CSS/Javascript and replace pieces of the javascript with native code. And you don't do it with some proprietary google language - you do it (eventually) with whatever language you want.

To me it seems like a reasonable way to move the web forward without subverting it (or even altering it much).

Re:bad idea

[AaronLS]

Since NaCl == Sodium Chloride == Salt, let's make this discussion more interesting by replacing all instances of "NaCl" with "salt".

"note that [salt] is nothing like Flash or Silverlight". The first consistently taste great, while the others vary in flavor from one OS to the next. I kid, I kid :)

Re:bad idea

[Billly+Gates]

I can replace nacl with IE 6 in your post and mention css box model as a way to optimize w3c standards too. Doesnt mean its ok because its not from Microsoft. Implementing something your own way is evil and proprietary. I did a search and read comments 9 years ago on slashdot and IE 6 was better and supported more standards but things were starting to get monopolized as a result. I seethis and Googles cloud ecosystem as no different than MS. I dont like it

Re:bad idea

[chrb]

Implementing something your own way is evil and proprietary.

Native client is open source. So is chromium.

Re:bad idea

[kripkenstein]

To me [NaCl] seems like a reasonable way to move the web forward without subverting it (or even altering it much).

There are a few big problems with that:

• NaCl is not portable. NaCl apps only run on x86 and x86_64, not ARM or PowerPC or anything else.
• NaCl is not a standard or even a proposed standard, and all other browser vendors are opposed to it (because of the previous issue, and because it is controlled by Google). As a consequence, NaCl apps only run on Chrome (and on x86 and x86_64).

The web is all about open standards, viewing the same web from any browser or any OS, and so forth. So NaCl, that only runs on two archs and on one browser, is a step backwards.

Re:bad idea

[BitZtream]

You have a really fucked up definition of evil if 'doing your own thing' qualifies as evil.

Re:bad idea

> The web is all about open standards

I want on your Web. The only True 'Open' on the Web everyone else uses is the Corporate Wallet...

Re:bad idea

I agree. That's what pNaCl (Portable Native Client) is for: it uses LLVM bytecode instead of x86 assembly, so the final compilation step is left up to the browser... but it's not ready yet. Google really shouldn't have ever declared x86 NaCl stable; it should only ever have been a step toward developing pNaCl.

Re:bad idea

[suy]

NaCl is not portable. NaCl apps only run on x86 and x86_64, not ARM or PowerPC or anything else.

NaCL binaries are not portable in the same way I can't install the FireFox's Windows binaries on Linux (or the armel ".deb" from packages.debian.org on my amd64 computer), but honestly, who cares? Mozilla and Debian guys just compile it for each supported platform. There is also the possibility of creating a "fat nexe" that supports all platforms.

As a consequence, NaCl apps only run on Chrome (and on x86 and x86_64).

Is open source code on an open source browser. I would prefer it being a plugin (I think at some point there was one) so I can run it in all my browsers. But this is no different than any other proprietary feature on other browsers. I'm currently using Mozilla's proprietary "crypto" JavaScript API for an application, and it only runs on Mozilla's browsers. Not convenient, for sure, but what should I do? Not use the feature at all? Or try to make something valuable from it, so other developers might consider incorporating it?

Re:bad idea

NaCL is opensource undrr BSD license (http://code.google.com/p/nativeclient/).

Re:bad idea

[gsnedders]

See http://lists.cs.uiuc.edu/pipermail/llvmdev/2011-October/043719.html: LLVM bitcode isn't stable between releases, is still undocumented in sufficient detail to do a clean-room implementation, and is fundamentally designed to be a compiler IR and not a generic interchange IR. Trying to use it as the latter will only lead to pain.

Re:bad idea

[gsnedders]

NaCL binaries are not portable in the same way I can't install the FireFox's Windows binaries on Linux (or the armel ".deb" from packages.debian.org on my amd64 computer), but honestly, who cares? Mozilla and Debian guys just compile it for each supported platform. There is also the possibility of creating a "fat nexe" that supports all platforms.

And what happens when I'm browsing the web on my MIPS-based TV? I'm at the mercy of the website author to specifically support my architecture. Today, I can visit any website and it will work. There is no dependency on any architecture specific stuff. Most developers will only bother compiling for x86 and ARM in all probability, which will hurt anyone else.

Is open source code on an open source browser. I would prefer it being a plugin (I think at some point there was one) so I can run it in all my browsers. But this is no different than any other proprietary feature on other browsers. I'm currently using Mozilla's proprietary "crypto" JavaScript API for an application, and it only runs on Mozilla's browsers. Not convenient, for sure, but what should I do? Not use the feature at all? Or try to make something valuable from it, so other developers might consider incorporating it?

It is a plugin... using a non-standard, non-documented plugin API, which nobody apart from Chrome supports or has any intention of supporting (it's a huge amount of badly documented, totally web irrelevant, anti-Open-Web chunk of code --- why should anyone take it in?). If they had used the standard plugin API (NPAPI), it would work today in every browser.

And I'm sorry, but this is fundamentally different to a lot of proprietary functionality in other browsers. Most of browser vendors are putting in large amounts of effort into removing old proprietary behaviour and specifying anything they wish to keep. Even Apple when it adds new proprietary behaviour to WebKit typically specifies it. Writing a spec is a big deal: it allows anyone else to write a clean-room implementation, which is often desirable (especially for CSS/DOM extensions: it's practically impossible to share much code without all moving to a single engine). Google hasn't released any spec for NaCl (and neither for the Pepper plugin API it relies upon), the spec it has released for Dart is nowhere near complete enough to allow a new implementation (and it had a several year headstart on implementing --- something that makes their implementation very hard to compete with), the spec for WebM is mostly just a dump of the code of the implementation (it's not really a spec: it's just code and the spec just says "match this").

Re:bad idea

[kripkenstein]

It's open source, but it still is not portable not standardized.

Re:bad idea

[kripkenstein]

There is a fat nexe for x64 and x64_64, but nothing else. That still isn't portable.

Portability is important on the web. People expect to visit websites from their web browser, and for them to work regardless of their OS and CPU. NaCl doesn't work like that.

Re:bad idea

[suy]

And what happens when I'm browsing the web on my MIPS-based TV? I'm at the mercy of the website author to specifically support my architecture. Today, I can visit any website and it will work. There is no dependency on any architecture specific stuff. Most developers will only bother compiling for x86 and ARM in all probability, which will hurt anyone else.

First, MIPS (or any other architecture) is not left out by design, just by implementation. The sandbox requires a deep study of the assembler language of the architecture to avoid all kinds of holes, so there aren't much implementations available because the technology is quite young, but if it ends up being useful, the MIPS manufacturers will be interested in supporting it. If you have a really minor architecture, chances are high that you will have little support for other kinds of hardware accelerated products (e.g. Flash comes to my mind), which are the kind of products that NaCl is aimed to.

And second, the kind of websites that you can browse right now in a low powered TV, will still be coded using technologies available on all browsers.

It is a plugin... using a non-standard, non-documented plugin API, which nobody apart from Chrome supports or has any intention of supporting (it's a huge amount of badly documented, totally web irrelevant, anti-Open-Web chunk of code --- why should anyone take it in?). If they had used the standard plugin API (NPAPI), it would work today in every browser.

OK, that's something I could agree with you. I'm not a browser developer, so I don't know which is the state of this. I certainly don't like Google's attitude in general with respect the way the release technology without some consensus with other parties. If NaCl ends up being a de facto proprietary technology, I will not see it as encouraging. I just think that, as a technology by itself, is quite interesting.

Re:bad idea

NaCl is not portable. NaCl apps only run on x86 and x86_64, not ARM or PowerPC or anything else.

Which is why there is PNaCl

Re:bad idea

[kripkenstein]

NaCl is not portable. NaCl apps only run on x86 and x86_64, not ARM or PowerPC or anything else.

Which is why there is PNaCl

Which is an interesting research project, but it's too early to say if it will achieve the goals of complete portability and full performance.

Re:bad idea

PNaCl is portable because they'll use llvm.

And javascript was not a standard first, it became over time.

I feel it's a step foward, because some architectures, or operating systems previously put aside because of native code limitations, now can enjoy the same benefits. Write for windows 7 x86_64 or write for NaCl, which target windows, mac, linux x86_32 x86_64.

Re:bad idea

[kripkenstein]

PNaCl is portable because they'll use llvm.

LLVM is not portable, see for example http://thread.gmane.org/gmane.comp.compilers.llvm.devel/43769/focus=43770

It is very hard to try to make LLVM portable, which is what PNaCl is attempting. Maybe they will succeed, we will see in time.

1 -10 times

Improve performance ten-fold? I'll take that statement with a pinch of salt.

Re:1 -10 times

[roman_mir]

May I suggest one to ten pinches?

Re:1 -10 times

Your pun shall not be left unnoticed. A sword through your stomach is all that I ask.

How do I turn this off?

[orn]

Like I really want anyone and their uncle to be running native code on my machine. We went to a sandbox model for a reason! If this is active now, how do we shut it off?

Re:How do I turn this off?

I wouldn't be worried about running NaCl code on my machine. NaCl checks the code for violations of API restrictions. See this little description: https://developers.google.com/native-client/overview#how-nacl-works

Re:How do I turn this off?

You should read up on how NaCl works. It is in a sandbox. One based on software fault isolationi.

Re:How do I turn this off?

[TheGratefulNet]

yeah, right; I'm going to trust italian software!?

Re:How do I turn this off?

[swillden]

Like I really want anyone and their uncle to be running native code on my machine. We went to a sandbox model for a reason! If this is active now, how do we shut it off?

It's not active by default, yet, and it is sandboxed. Native sandboxing is possible.

It's SLLOOOOWWWW

[Mr.+McGibby]

I tried Bastion this morning on my arguable beefy 8-core 8 GB machine. SLOW AS SNOT. So either it's slow or I need to change some configuration setting. Maybe I'm missing something, but wasn't doing this crap in the browser supposed to make it "just work" (tm)?

Re:It's SLLOOOOWWWW

[0123456]

Maybe I'm missing something, but wasn't doing this crap in the browser supposed to make it "just work" (tm)?

They said it would 'just work' (so long as you're using a supported browser), they didn't say it would be usable.

Re:It's SLLOOOOWWWW

[SadButTrue]

Not sure what issue you had but I just gave it a go and it was quite smooth. The game it's self isn't my cup of tea but it ran just fine. Narration was funny, if I could have use my controller I prob would have played at least to the end of the demo..

Re:It's SLLOOOOWWWW

[errandum]

It just worked for me, and I'm running a Core 2 Duo 3 year old processor with a medium range graphics card. I'm running Chrome 15

Re:It's SLLOOOOWWWW

[Ambvai]

Low end i5, 4gb with onboard video. The first stage was about as smooth as the downloaded version with the exception of a periodic tiny skip about every two seconds. Chrome 15.0.874.121 m.

Re:It's SLLOOOOWWWW

[VortexCortex]

Single core code... You bought more cores thinking coders (especially poor indie ones) were going to support all of them at once?
My 7 year old 3ghz single core machine, w/ 3GB RAM and a crappy $50 Nvidia GeForec FX 5200 runs this fantastically.

As a coder myself I take great pains to ensure my software can take advantage of as many cores as you throw at it, but in reality, most programs do not. What's the individual cycle speed of one of your cores? Less than my 6 year old laptop? Yeah, don't expect low quality software to run well on your high quality rig.

I wish Erlang wasn't crap when it comes to games -- it was a step in the right direction.

Re:It's SLLOOOOWWWW

I tried Bastion this morning on my arguable beefy 8-core 8 GB machine. SLOW AS SNOT. So either it's slow or I need to change some configuration setting. Maybe I'm missing something, but wasn't doing this crap in the browser supposed to make it "just work" (tm)?

That suggests a 64bit os. Nail currently sucks with x64 precisely because they have dusted good old 386 fault mechanisms that were gone in 64 bit mode.

NaCl!

Personally, I am most entertained that the web client is called sodium chloride.

Re:NaCl!

[cmv1087]

Yes, I'm curious if there'll be a complementary technology named Pepper.

Re:NaCl!

[AaronLS]

If I utilize both technologies, will my browser rap for me?

Re:NaCl!

no, but it might rape you.

Re:NaCl!

No, but you're friends will start calling you Spinderella.

Reminds me of IE 6

[Billly+Gates]

I am a little uneasy of making a web browser a proprietary platform. PcMag had an article about Chrome being the next IE 6 of the browser wars 2.0.

IE 6 was a great browser in 2001 regardless of its security shortcomings found years later. Everyone on slashdot back then admitted to using it but were scared and assumed the WWW would die soon because of it. Everyone seems to be oblivious that Google is another evil big corporation no different than Microsoft. Actually synergy is behind Google now, like it was with MS a decade ago.

Dart is chrome only, the javascript libraries are Chrome only or particulary run much better on Chrome (google ones like V8), this and many other proprietary HTML 5 code like that site with the band a few months ago that only work in Chrome. This game will use HTML 5 but has other proprietary hooks to make sure it wont run in any browser.

Google is making it clear they look at the browser as an operating system. At least Microsoft today is running away from ActiveX and trying to do good with IE 10 which will be the most open and standards compliant browser to date. Firefox is dying and is losing popularity. In a year or two from now it will be a IE vs Chrome world.

Anyone else bugged or am I just paranoid? I just want a great browser and not a simple fast one, but with the real goodies underneath it that are dependent on Chrome.

Re:Reminds me of IE 6

[Qwavel]

I agree that Google is just another big evil corp and should be watched closely - I'm a fan of much of what they have done, but I still try to remain critical.

But this is nothing like what MS tried to do to the web. I'll repeat some of what I posted above: with NaCl, Dart, WebM, and SPDY, Google is not replacing web technologies with proprietary technologies - they are optimizing pieces of web technologies.

Even when you use these technologies you are still writing a standard web app and it still runs on all browsers - just without the Chrome optimizations. For NaCl for example, the primary use case (according to Google) is that you take your bundle of HTML/CSS/Javascript and replace pieces of the javascript with native code. When deployed to other browsers your app uses the original javascript instead of the optimized NaCl alternative.

More importantly, these technologies are all open source and restriction and royalty free. So, for example, Amazon is now using Google's SPDY technology in their browser without any royalties or advantage to Google.

To me these seem like reasonable ways to move the web forward without subverting it.

So, if you want to be pissed at Google then note that a couple of weeks ago they cancelled their project to make Green technologies competitive with coal. That didn't get nearly enough press. But when it comes to the web they (for now) still appear to be behaving themselves.

Re:Reminds me of IE 6

[DragonWriter]

I am a little uneasy of making a web browser a proprietary platform.

There's two different uses of "proprietary" that are common, one is in contrast to FOSS (which Native Client is), and one is in contrast to "standard" (with regard to which, per the Native Client FAQ, Google thinks Native Client is too immature to consider trying to standardize at this time.)

Lots of technology gets integrated into browsers to be proven before being submitted for standardization.

Dart is chrome only

No, its not. The VM isn't integrated into Chrome yet, the only way to run it in a browser is compiling to JS that runs on any modern browser, so its not even runs-better-on-Chrome, much less Chrome-only.

Its possible that the when the VM is integrated in Chrome it will be runs-better-on-Chrome.

the javascript libraries are Chrome only or particulary run much better on Chrome (google ones like V8)

V8 isn't a javascript library, its the JavaScript engine that Chrome uses, parallel to SpiderMonkey or whatever the engine is that Firefox uses now.

[...] proprietary HTML 5 code [...]

You are misusing either "proprietary" or "HTML 5" here.

Re:Reminds me of IE 6

[cmburns69]

Even when you use these technologies you are still writing a standard web app and it still runs on all browsers - just without the Chrome optimizations. For NaCl for example, the primary use case (according to Google) is that you take your bundle of HTML/CSS/Javascript and replace pieces of the javascript with native code. When deployed to other browsers your app uses the original javascript instead of the optimized NaCl alternative.

So I have to write my stuff twice? I barely have enough time to write what's needed once!

No thanks, I'd rather continue to write once and run everywhere-- That's what javascript + existing cross platform libraries provide.

I'll start using these, though, If any of these solutions (thanks to their open specifications) get picked up by a majority of browsers.

Re:Reminds me of IE 6

[kangsterizer]

No, you're entirely right.

I'd point out that Firefox isn't dying. It's actively developed and fully open (top to bottom), faster than many in some areas (slower in some others - so far).
Plus, it stills gains more users every day - its just that the others, well, THE other (Chrome) is gaining *even more* users per day.

The heavy advertising, bundling as opt-in and so on is probably working out. And that, and the Google integration you describe certainly reflect the issue.

Google finally will be able to control the web search, content, *your* content too,your apps, your endpoints, almost everything. They just failed to kickstart their ISP, but eventually, they'll succeed. And to kickstart ChromeOS, but there's Android, and eventually, they'll succeed too.

Scary? yes, damn scary. And in 5 years from now, there's no stopping them. The devs at Google will eventually realize that, and some probably did, but hey, wont spit on the high pay :)

The only way I know, is communicate, make people aware of the issue, and start using stuff that support *true* standards. Heck even IE10 is rather good, and Opera ain't bad either. Firefox too.

Re:Reminds me of IE 6

[kangsterizer]

SPDY and WebM are not the same as Dart and NaCl.
WebM is just plain good, no doubt.
SPDY gave them an advantage since they had it first and others were shy to make such a hack (because it is a hack), however, its getting adopted since SCTP would be a pain.

Dart and NaCl received a strong push back from half or more of the community so I don't need to bore you with details you have already read.

So they enforce it - and they can, due to Chrome's grow rate and their hand over a lot of things. They buy out companies to develop for it. Microsoft style.

Re:Reminds me of IE 6

[10101001+10101001]

So I have to write my stuff twice? I barely have enough time to write what's needed once!

Or three or four times. ARM needs the boost more than x86, anyways, but honestly given that Javascript still doesn't seem suited for more than twirling fobs, I'm not sure what the real point is. I mean, if the performance does become high enough that it's feasible to push games into the browser, I can only see that as a combination of annoying users--just like flash does--while offering an inferior experience to a stand-alone client--since it's enough of a hassle worrying if the game itself will crash without also having to worry about the browser crashing as well. Of course, perhaps I'd feel a bit differently if web browsers didn't still crash, hang, become generally unresponsive, and/or have regularly security concerns. But, then, OS kernels have all those problems as well, even Linux, so I'm not exactly getting my hopes up. It's just that adding another layer doesn't seem to improve things.

Re:Reminds me of IE 6

[BZ]

> V8 isn't a javascript library,

You misunderstood.

Google's JavaScript libraries are purposefully written to run faster on V8 specifically, often at the expense of performance in other browsers. And at the same time, V8 is written to run the code patterns those libraries use faster, often at the expense of other code patterns used elsewhere.

The net result is that Google properties work better in Chrome and at the same time Chrome works better on Google properties.

Re:Reminds me of IE 6

Yea, if only Chrome were based on some sort of open source browser like this: http://www.chromium.org/Home

Re:Reminds me of IE 6

[FrangoAssado]

Google's JavaScript libraries are purposefully written to run faster on V8 specifically, often at the expense of performance in other browsers. And at the same time, V8 is written to run the code patterns those libraries use faster, often at the expense of other code patterns used elsewhere.

That might be a problem if V8 wasn't open source, or if Google was preventing anyone from seeing how it works. As it stands, your argument makes about as much sense as saying that Linux and GCC were evil because earlier versions of Linux couldn't be compiled on anything but GCC. The thing is, nothing prevented anyone from changing Linux to compile in other compilers, or studying GCC to learn how to make other compilers compile Linux (and, indeed, today it's possible to compile Linux with other compilers).

So, if Google's libraries do indeed run that much faster in V8, what's preventing anyone from implementing these optimizations in other javascript engines, or writing their libraries to run fast on V8? Is it reasonable to prevent Google from optimizing anything just because other browsers and libraries would then be slower?

Re:Reminds me of IE 6

For NaCl for example, the primary use case (according to Google) is that you take your bundle of HTML/CSS/Javascript and replace pieces of the javascript with native code. When deployed to other browsers your app uses the original javascript instead of the optimized NaCl alternative.

So does that mean there's a version of Bastion written in javascript that runs everywhere, and a native version that works better in chrome?

Re:Reminds me of IE 6

[BZ]

> what's preventing anyone from implementing these
> optimizations in other javascript engines

They make other (non-Google) sites run slower?

> Is it reasonable to prevent Google from optimizing
> anything just because other browsers and libraries
> would then be slower?

I didn't say anything about preventing Google from doing whatever they want. I'm not sure where you got that.

I'm also not sure where you got your "evil" bit from. I made a factual statement, with no value judgments attached to it.

Re:Reminds me of IE 6

[FrangoAssado]

They make other (non-Google) sites run slower?

That would be bad, but I find it hard to believe. Do you have an example of an optimization in V8 that makes some code run *slower* than it would without that optimization? It seems more likely that other engines are just better than V8 for some types of code; it's hardly surprising that V8's optimizations are focused on the type of code that appears in Google's libraries.

I didn't say anything about preventing Google from doing whatever they want. I'm not sure where you got that.

I'm also not sure where you got your "evil" bit from. I made a factual statement, with no value judgments attached to it.

Sorry, I misunderstood you. I thought you were supporting the argument that Google is trying to do something similar to what Microsoft did back in the days of Netscape vs. IE, like the thread's parent comment (the "evil" bit came from there).

Re:Reminds me of IE 6

"I agree that Google is just another big evil corp and should be watched closely - I'm a fan of much of what they have done, but I still try to remain critical."

What? "I really like this band, but I still try to hate it." Tough standards. Is every large corporation suspect? I mean sure, anybody can turn bad, but I have 0 problem saying that I like a corp that does a bunch of things I approve of.

"So, if you want to be pissed at Google then note that a couple of weeks ago they cancelled their project to make Green technologies competitive with coal. That didn't get nearly enough press."

The curse of charity projects; everybody complains should they dare stop and sees some kind of agenda. Google starting the project didn't get very much press, and I get the impression it was fairly small anyway. My suspicion is that Google's research proved that the problem would require more funding than a light side project outside Google's competencies would merit.

Re:Reminds me of IE 6

[BZ]

> It seems more likely that other engines are just
> better than V8 for some types of code

Well, yes. But some optimizations are just mutually exclusive because they require different design tradeoffs.

As for the rest... Google is definitely being evil in various ways, and is in fact much like Microsoft in the late 90s, in my opinion, but what they're doing with V8 is just self-interested, not so much evil.

Re:Reminds me of IE 6

Google at least participates in w3c standards bodies instead of torpedoeing them like Apple. Besides that there is a fundamental difference between nacl and activex. The latter was just a way of distributing windows Apps to fend off danger from other browser based technologies replacing them in corps based on logistics advantage. Customer was never a priority and MS should have never let it outside of controlled enterprise environments. Nacl doesn't hook in any proprietary api, currently only opengl is available. It's more like precompiled js. And has historically successful security model.

Re:Reminds me of IE 6

[FrangoAssado]

So, the fact that V8 runs better some javascript in the wild has nothing to do with Google being evil. And "self-interested" seems a little uncharitable, seeing that V8 has a BSD license -- in other words, they're going out of their way to make the javascript engine they develop and use available to anyone interested, not even requiring modifications to be given back to them.

Google might be evil in other ways, but can we agree that the original point of this thread -- comparing what Google is doing with Chrome (which, by the way, ALSO has an open-source version) with what MS did with IE6 -- is ludicrous?

Re:Reminds me of IE 6

[BZ]

Actually, I agree with the original point of the thread. What Google is doing with Chrome is:

1) Explicitly authoring its own web properties to specifically work better with Chrome, in hopes that its high market share for things like search and webmail will increase Chrome adoption.

2) Authoring its own web properties to only work with WebKit (e.g. a number of Google's sites sniff UAs and send WebKit-only content to any mobile UA).

3) Urging authors to create Chrome-only content (and more generally, together with Apple, encouraging WebKit-only content).

4) Paying other companies to bundle Chrome with their software so that people end up using it whether they want to or not. This part Microsoft didn't have to do because they just bundled with Windows, of course.

They're not _quite_ as bad as Microsoft was because a lot of this is in fact open source (though they don't exactly take contributions much or plan to share control, so most of what you can do with the source is fork). This does mean that some other project could import some part of Chrome or V8 if desired. But given that none of this code is static (security fixes, spec changes, etc), it's not like a one-time import is useful. You have to keep importing (and hoping that Google doesn't change something you care about) or as I said fork and take over maintenance. In practice, for most situations, both options suck to a good extent. http://3.bp.blogspot.com/-GBSGBbc9UtA/TmexwLaJN9I/AAAAAAAAAKs/06OaexCT5Ms/s1600/Lead%2Bdevice%2Bconcept.png is a good look into Google's general thinking on open in this context, for what it's worth.

One other important note is that Google is a bit better at participating in the standards process than Microsoft was in 2001 (though not than Microsoft in 1998, say). That's a net plus for them.

So no, comparing what Google is doing with what Microsoft was doing with IE6 is not at all ludicrous. There are some important differences, and Google doesn't have a browser monopoly, so they have to play a bit nicer so far, but the overall strategy looks similar to me. The key to frustrating it, of course, is for them to not end up with said browser monopoly.

Re:Reminds me of IE 6

[FrangoAssado]

Your points 1-4 seem valid to some extent (even though, for example, I have never seen any difference in google search or gmail between Firefox and Chrome, and I use all combinations), but I think saying that's even remotely similar to what MS did is blowing things out of proportion. I think (2) and (3) are somewhat natural for anyone developing a web browser. For example, Mozilla did essentially (3) and allowed people to do (2) with Mozilla (now Seamonkey) and then Firefox for the longest time, in the form of easy-to-write extensions -- for instance, there are a *lot* of site-specific extensions for Firefox that completely change the way a site appears and behaves. Maybe no one cares because the amount of users of these extensions is minimal? And (4) is indeed worrying; this is the first I hear of it (I don't come even close to using any of the software that bundles Chrome). I looked around, and this actually changes my mind about some things; I'll have start following these kinds of thing and see what comes out of it.

To the next point, it would indeed be nicer if Google allowed more participation from the community in V8, but I don't think too much of it. As long as there's a workable option to fork the code *and* keep receiving updates, I don't think anyone who is serious about developing a web browser should have too much difficulty in merging updates from Google or other sources. Things like these happen a lot in other contexts -- for example, most Linux distributions do that in some form or another in a much larger scale (but I can see that it takes a lot of people to do it).

The link you posted seems related specifically to Android, not Chrome, so I'll take that with a grain of salt. It *might* give an insight into Google's general thinking, or just their strategy regarding Android.

With all that said, in the end, I can't shake the feeling that most of these arguments are a tad paranoid, and there's a lot of speculation involved. Maybe the writing is on the wall and I simply can not see it. I guess I'll find out in the next few years.

And I agree that a browser monopoly in the hands of Google (or anyone else) would be bad. I just wish the Mozilla people would stop making Firefox increasingly unlikable :)

Re:Reminds me of IE 6

[BZ]

> I have never seen any difference in google search or
> gmail between Firefox and Chrome

Offline gmail only works in WebKit, by design.

> For example, Mozilla did essentially (3)

Mozilla has consistently tried to convince people to author pages that work in all browsers, in my experience. But I'm not omnicient, of course. ;)

The extensions thing you raise is interesting. I have to admit I'd never thought of it that way before, if only because I'd never used any such extensions. But yes, the number of users of such extensions is minimal in general.

Let's hope that you're right and in a few years my worries here will in fact seem like paranoia...

Good question

[0123456]

What would it be like if we could run native code inside the browser?

The massive swamp of security vulnerabilities that was ActiveX?

Re:Good question

[BitZtream]

Ironic, every modern browser supports something like ActiveX.

I love when ignorant people such as yourself talk about shit you don't understand at all.

ActiveX is nothing more than a plugin system. It just happens to be system wide in Windows, and IE takes advantage of that ... IE6 and its ancestors had a lot of issues because OTHER developers marked ActiveX controls as SAFE FOR INTERNET USE and SAFE FOR SCRIPTING ON THE INTERNET when they were not and had no reason at all to be used.

The IE implementation errors didn't help as it made it far to easy for ActiveX controls to be installed without approval

In the end however, Firefox XPCOM objects not written in Javascript (so all the ones that do real work) are no different than ActiveX controls.

The difference is that other browser vendors got to watch someone else be the big most popular browser getting abused to all hell and back.

Re:Good question

[VortexCortex]

I think you're missing something important. Every bit of JavaScript you run on modern browsers is compiled into machine code in memory, marked as executable, then executed -- right on the metal.

This is why mistakes in the compiler and/or buffer overflows in JS supporting code can so easily cause remote code execution. All the "sandboxing" NaCl provides is the same as what JS provides -- NONE! Do you actually think that there are Zero buffer overflow vulnerabilities in any of your favorite softwares?

The only way to sand box this stuff is to have a secure Hardware supported VM, or use an interpreted language. We traded speed for security with WEB BROWSERS!?!? Yeah, the whole web is held together with duct-tape bubble gum and twine. I'm out. The native vetted application market is the way to go, except they all made the same SNAFUBAR, compiling bytecode to machine code and calling that a sandbox.

Re:Good question

[dkf]

What would it be like if we could run native code inside the browser?

The massive swamp of security vulnerabilities that was ActiveX?

I'd agree, except that Google actually appear to have made real progress on the problem of sandboxing native code. I'm not 100% sure that they've solved it — alas, I've not had the time to study it in enough depth — but it at least looks quite likely. Key things that are restricted include access to the parts of the OS that read and write files, with much of the sandboxing focusing on ensuring that nothing can jump to a bad instruction. Without unrestricted access to the OS, a process really can't do that much that's harmful (except chew CPU cycles until something shoots it in the head).

Very clever. Conceptually portable to other platforms too, but I don't know how much work that would be.

Re:Good question

The secure vm you are talking about have been there on your pc since 386 times. And nacl is utilizing it.

Increasing performance 1 times!

[karmicoder]

Hey... I have some great proprietary technology that can increase the performance of any program by at least 1 times. Please send $1 to Happy Dude, at 742 Evergreen Terrace...

Re:Increasing performance 1 times!

That's nothing - my tech will increase performance by a factor of 0 (it saves lots of power too)!

Re:Increasing performance 1 times!

You should market that to my CEO. His reply would probably look like :

"A dollar for a 1x speedup? I just mailed you 100 dollars. How quickly do you think you can send me a program to improve my performance by 100 times?"

Re:Increasing performance 1 times!

[DragonWriter]

Hey... I have some great proprietary technology that can increase the performance of any program by at least 1 times.

You do realize that improving by 1 time is doubling, right?

Re:Increasing performance 1 times!

[AaronLS]

Thanks for the payment. Attached is the program that improves your performance by 1x a hundred times. 1*1*1*1....

Active X?

[The+Raven]

Can someone describe the differences between NaCl (Salt?) and ActiveX? They both seem to be methods to run native code inside a browser sandbox. What are the ways Google's offering is superior? Is it better at all than the current implementation of ActiveX? I like Google, but this particular initiative seems kind of backwards thinking.

Re:Active X?

[should_be_linear]

ActiveX, once you (or BFU) enabled it, can do anything user account is allowed to do. NaCl program is sandboxed, so even when you allowed it to run, it cannot do anything harmful.

Re:Active X?

[0123456]

NaCl program is sandboxed, so even when you allowed it to run, it cannot do anything harmful.

I remember people saying that about Java.

Re:Active X?

[DragonWriter]

Can someone describe the differences between NaCl (Salt?) and ActiveX?

Native Client (NaCl) is a sandboxed environment that verifies and then executes a safe subset of x86 code. It is an open source technology integrated into Chrome that works pretty much everywhere Chrome does, and is a bridge to the real goal, which is Portable Native Client, which does similar things but uses LLVM bit code and client-side compilation so it isn't dependent on actually running on an x86 machine (opening it up to ARM-based devices, particularly.)

What are the ways Google's offering is superior?

Its not proprietary (in the non-open sense), it doesn't rely on the client running Windows.

Re:Active X?

[swillden]

NaCl program is sandboxed, so even when you allowed it to run, it cannot do anything harmful.

I remember people saying that about Java.

And it's true. Early on there were some JVM bugs that allowed malicious apps to break out of the sandbox, but those have been fixed, and sandboxed Java code is sandboxed very effectively.

Re:Active X?

[Gaygirlie]

it cannot do anything harmful.

Or atleast that's the claim.

Re:Active X?

[PwnzerDragoon]

(opening it up to ARM-based devices, particularly.)

Actually, NaCl already works on ARM. Though PNaCl will make it easier to develop for, as you won't need to maintain different builds for each platform.

Re:Active X?

Ax is a windows component technology created primarily for extending personal Apps made desktop office Apps not web. Its main advantage (and curse) was not performance but full access to full windows api.
Nacl in none like that. Its a naked computational machine code that is limited by opengl and js to do anything meaningful. It can't use any os services directly. That's a fundamentally different model.

But I can understand frustration of web devs around about nacl. Suddenly a lot more skills became transference to new bright future of web html based pc/mobile application ecosystems. And that means a lot more competition.

To sum up: I take nacl over competing technologies ( silverlight, flash ) for serious productivity app development any day. Js will never be enough for that.

Re:Enough with the "sandboxing is perfect" bullshi

[grumbel]

Why do you insist that sandboxes are the only solution to security problems?

So how exactly do you propose to run native code securely without some kind of sandbox?

Re:Enough with the "sandboxing is perfect" bullshi

[tepples]

Why do you get so excited about a technique that's actually quite ancient?

Because we're making fun of mainstream PC operating system developers who can't figure out application sandboxing by themselves.

A type-safe subset of x86 instructions

[tepples]

NaCl defines a subset of x86 instructions that are verifiably type-safe, just as .NET IL and JVM bytecode are verifiably type-safe. The browser verifies the binary before executing it.

Re:A type-safe subset of x86 instructions

[shutdown+-p+now]

It's not type-safe (there are no types as such on assembly level, it's all just bytes and words), it's memory-safe.

More importantly, the subset of instructions available in NaCl allows one to do lower-level stuff than verifiable CIL instructions (JVM is always memory-safe). For example, NaCl permits pointer arithmetic.

Re:A type-safe subset of x86 instructions

[Cajun+Hell]

People are going to be in for such a surprise, when the all-male population of dinosaurs start laying eggs. Life finds a way.

Firefox could easily avoid dying.

I agree completely that Firefox is currently on its way out. Mozilla has made one fucking mistake after another with Firefox lately, and it is indeed killing it faster than I had even originally anticipated. But Firefox doesn't have to die. Mozilla could quickly reverse the flood of users away from it very simply.

Here's what they need to do:

1) Give the "designers" the boot. Applications "designed" by failed web "designers" are fucking unusable, like recent Firefox releases have been. These people are fucking clueless.

2) Undo every stupid decision made starting with Firefox 4. That means put the menus back, put the status bar back, put the protocol back in the URL bar, and quit trying to put so many fucking rounded corners and fucking gradients all over the place.

3) Fix the fucking performance problems and memory leaks. We've told them about these problems for years now. They're damn easy to reproduce. All you need to do is download Firefox, install it, and use it for 10 minutes. The poor performance will be obvious, and the memory usage will be shitty. Since it's so easy to reproduce these problems, Mozilla should have no problem fixing them.

4) Stop the stupid release schedule. Release a few times a year, and make sure these releases are solid. And for crying out loud, stop breaking add-ons with each release!

Through those simple steps, Mozilla will be able to save Firefox. If they don't to this, however, Firefox will indeed be a mere footnote in the history of web browsers.

Re:Firefox could easily avoid dying.

I run it on a 1.8G pentium 4 with a gig of ram. I'm using both aurora and firefox 8. Current uptime is 3 days, with multiple windows and multiple tabs open. The only time I ever see it consume 500 megs is if I leave some youtube videos in the background for a few hours...

So, yeah. That thing you bitch about is fixed now. You're welcome to try out Firefox anytime.

Personally, I will never touch Chrome because it doesn't fully support blocking ads and never will. On this old machine Chrome doesn't run any better than Firefox anyway. Without having 8 gigs of ram and quad cores to throw around, I can make Chrome crash too. But I'd never be stupid enough to blame the crash on Chrome and its "memory leak problem".

Re:Firefox could easily avoid dying.

P4 1.8 processor is now a quad core? Holy fuck, Intel's marketing dept. must be smoking something.

Re:Firefox could easily avoid dying.

[I(rispee_I(reme]

In the meantime, use Firefox 3.6.

I was surprised to find that it still gets updates (3.6.x) and all the newest versions of my extensions still work with it. Your mileage may vary.

Maybe if netcraft reports that enough users are refusing to run their painted whore of a browser, the Firefox devs will see the light.

Re:Firefox could easily avoid dying.

[Luckyo]

The reason it's still getting updates is because someone in mozilla still has enough sanity to understand that 4+ are failures that will never be adopted by corporate world, and that users want to have same browser at work and at home.

I would expect that 3.6 will continue to get upgrades for a very long time, or at least until they stop the insane release schedule they have now and default back to old one. Which will probably happen once they have enough head start on chrome to last them a year or so.

Re:Firefox could easily avoid dying.

Huh? I was saying that it's harder to make stuff crash on newer machines. You're really reaching for this troll.

Re:Enough with the "sandboxing is perfect" bullshi

For crying out loud, what is it with you wheel freaks? Why do you insist that wheels are the only solution to transportation problems? Why do you get so excited about a technique that's actually quite ancient?

Fuck, I first remember using wheels back in the 1970s on some Ford pintos, and it probably wasn't even a new technique then. All through the 1980s, 1990s and 2000s it became a pretty common feature of most land yachts. Hell, even Chrysler and GM have excellent wheel rotating support, and have had it for a long time. That's not even considering Hyundai, Kia, and the other existing and well-established platforms that have wheels! These days we've also got Saab, BMW and many other systems we can run on roads.

Look, wheel rotation is one transportation technique among many. If getting rid of wheels causes you that much of a problem, THEN YOU'RE DOING TRANSPORTATION REALLY FUCKING WRONG!

FTFY

Or You Could... You Know...

[Greyfox]

Run native code WITHOUT the browser. Revolutionary idea, I know. You could pass on all the frameworks required to shoe-horn procedural programming onto a stateless protocol, give HTML and XML markup a miss, not write any javascript, and... just... write an application. And maybe it won't need 34MB to run in, and maybe it'll actually be instantly responsive. Maybe... just maybe... that's what you really need to do.

Re:Or You Could... You Know...

Heh... I've been thinking the same thing. Only problem is...it doesn't fit in with their aspirations of global domination...

Re:Or You Could... You Know...

[ceoyoyo]

Heavens. You could use some other port than 80 and a protocol other than HTTP for communication too.

Re:Or You Could... You Know...

[mrnobo1024]

And if you don't want that application to put your security at risk via the arbitrary code execution exploit du jour, all you have to do is run that application in a separate limited user account. And make sure all your important files' ACLs prohibit access from that account. And don't use runas, use an actual separate login session, because of window shatter attacks. It's so easy, I bet everyone runs their applications this way. I'm sure you do. ...Right?

Re:Or You Could... You Know...

[goruka]

And lose the ease of deployment that web based apps have and the multiplatform goodness of Native Client? No thanks.

Re:Or You Could... You Know...

[celle]

"And lose the ease of deployment that web based apps have and the multiplatform goodness of Native Client? No thanks."

What, get off you lazy ass and do real work for real pay. Who would have of thought?

Re:Enough with the "sandboxing is perfect" bullshi

For someone who 'remembers' the 1970s you are really clued out about security basics.

Re:Enough with the "sandboxing is perfect" bullshi

Your Shitty Car Analogy is quite shitty, even for a Shitty Car Analogy. In fact, you actually proved the GP's point in your perverse attempt to ridicule it.

You're totally missing the fact that wheels are basically the only thing that'll allow most cars today to move. You take the wheels off, and your car isn't going anywhere. That's exactly the problem that the GP is describing with these sandboxing afficionados. They think of sandboxing as their only option, and thus it's the only option they employ. You take it away, and they're shit out of luck.

Sensible people, on the other hand, see sandboxing as just one more tool in the toolbox. It's not the only approach they use to ensure the security of their systems, so taking it away causes little to no harm. They have employed multiple other techniques to help ensure the security and the safety of their systems.

Re:Enough with the "sandboxing is perfect" bullshi

You're only able to use a set of formally verified "safe" instructions. I'm no expert on this, so look here for more detail on the way it works, from people trying to break it.

Pepper

[DragonWriter]

Yes, I'm curious if there'll be a complementary technology named Pepper.

Pepper is the plug-in API that NaCl modules use to communicate with browser-managed resource, JS, etc.

Re:Pepper

[cmv1087]

Oh wow, you're right. Silly me, not reading the article.

Re:Enough with the "sandboxing is perfect" bullshi

That is in itself a form of sandboxing no?

I guess you could call it...

[pipeep]

... rubbing salt in Adobe's wound.

Re:I guess you could call it...

YEEEEEEAAAAAAAAAAAAHHH!!!!

A plugin to rule them all!

[goruka]

Native Client is like a plugin that makes all other plugins obsolete.

-It can do everything you can do with Flash, Unity, Silverlight, etc.
-You can use any language to develop for it, C, C++, ObjC, Python, C#, you name it.
-Can access everything JS can (using the Pepper plugin API).
-It's from a trusted vendor (Google), so most people will not be afraid to install it.
-Will come pre-installed in the soon to be most popular web browser.
-It's open source
-It's much more secure than existing plugins due to sandboxing.

And, yes, I can understand HTML5 purists, but the truth is that:

1) Not everything can be made into a web application using HTML5+JS.
2) There's way too much code and applications written in other languages..
3) Cross-Platform web deployment is very attractive. Compile for x86 and ARM and 99.999% of the devices on the planet can be supported.

So, disable it if you don't want it, but this is a very attractive idea with a lot of potential for us developers, and even Adobe is trying somehting similar with Alchemy on Flash. It's a much more realistic way to bring actual real applications to the web than the dream that HTML5+JavaScript is.

Re:A plugin to rule them all!

Is this supposed to be sarcasm?
OK... the "trusted vendor" one was the funniest followed by the "most popular web browser" and the always funny "sandboxing".

Some "current info." 4U to read then

Java tops for hackers, warns Microsoft:

http://www.theregister.co.uk/2011/12/02/microsoft_java_vulnerabilities/

&

Java Apps Have the Most Flaws, Cobol the Least:

http://developers.slashdot.org/story/11/12/09/1533252/java-apps-have-the-most-flaws-cobol-the-least

---

* Some "Food 4 Thought" in regards to your statement requoted here next:

"Early on there were some JVM bugs that allowed malicious apps to break out of the sandbox, but those have been fixed, and sandboxed Java code is sandboxed very effectively." - by swillden (191260) on Friday December 09, @07:00PM (#38321060) Homepage

Then how come the above's happening & EXTREMELY recently?

APK

P.S.=> I program in JAVA myself, but realize it's fallen short of its initial promises on safety/security...

... apk

Re:Some "current info." 4U to read then

[PwnzerDragoon]

You realize the JVM and a Java application are not the same thing, right? And I'm not saying the Register article is wrong, but I would take with a grain of salt anything Microsoft has to say about Java.

Re:Some "current info." 4U to read then

FYI, Java isn't an acronym. Don't capitalize it like one.

Re:Some "current info." 4U to read then

[swillden]

Java tops for hackers, warns Microsoft:

Umm, yeah, like there's no bias there. Find me a reputable source for those statements.

Java Apps Have the Most Flaws, Cobol the Least:

Complete red herring. That article isn't about security flaws in the JVM, it's about programmer errors in apps written in Java. It's also a really, really poorly done study.

Some "Food 4 Thought" in regards to your statement requoted here next

Nope. Try again. But see if you can find something *real* this time (you can't).

If this was microsoft

If this was microsoft this comment would have been marked +5 "insightful". google shills have really taken over.

Re:If this was microsoft

Ehm, microsoft did exactly this and called it 'ActiveX'. Unfortunately it had all kind of security flaws, and was restricted to one platform. Those were the main reasons it got burned down, not because of the name stamp per se.

Silverlight, although strictly speaking not native but close enough, was given all chances, but Redmond decided to screw it - i mean - stop the project themselves.

NaCl gets frowned upon a lot, too, but might be worth giving a chance as anything is better than flash. First see, only then burn, please.

Re:If this was microsoft

anything is better than flash. First see, only then burn, please.

So, you're waiting for shitty animated ads and intro pages using NaCl?

Re:If this was microsoft

ActiveX originally had no sandboxing. It was signed and that was it. All the security was up front; the idea was that people would only install software from trusted sources.

NaCI is nothing like ActiveX or Silverlight. I dunno whether NaCI will be a success, but I expect there will be many security issues with the un-sandboxed code that implements the APIs for NaCI sandboxed apps. Security is fundamentally about exposure. You can have the most rock solid security model, but the more code needed to implement the model the higher the risk because bugs *will* happen.

Re:If this was microsoft

ActiveX wasn't sandboxed the way NaCl is. Their security model was based on signatures from trusted authorities - but the signed application had the capability to do all sorts of awful things.

Google's taken the opposite approach: developers are untrusted, and don't need authentication. The sandbox is limited so that code physically cannot do those awful things, regardless of who signed off on it.

Whether or not they've successfully limited the sandboxed code to harmless actions remains to be seen, but indications thus far are pretty good.

Re:If this was microsoft

When you are comparing NaCl to ActiveX I assume you are not aware that the native client sends calls to HTML5.

Basically, NaCl runs on top of HTML5, so as long as HTML5 is safe, NaCL will.

Furthermore, the Native client is open sourced and already running on linux, mac and windows. PNaCL will bring llvm portable code across all cpu architectures.

Re:Enough with the "sandboxing is perfect" bullshi

Sandboxes aren't the only solution, and only a fool employs only one layer of security alone, trusting that the sandbox in and of itself will stop any possible attack. In the same way, however, sandboxing is a great tool that does block of lot of more obvious problems, and throwing it away unnecessarily would be just as foolish. The article is about a native client that doesn't use sandboxing; they've removed a layer of defense and reduced the number of techniques being used to ensure the security and safety of their systems. The tradeoff is for speed on some calculations, particularly video rendering: games. Sacrificing a layer of security for games. That might be okay for home users who want to play the latest in-browser version of Zeus-Kelihos' Fantabulous Iranian FarmVille 3D: Sino-Russian Winter Edition on their own machines, but it's got to rub corporate IT the wrong way.

Re:A plugin to rule them all..you for got the rest

[bussdriver]

One plugin to rule them all, one plugin to find them,
One plugin to bring them all and in the "sandbox" hack them.

It is surprising no one thinks of bytecode.

[master_p]

It is quite surprising that, up until now, no one has thought of using a bytecode solution, that guarrantees portability and performance.

We have gone from the one extreme, i.e. an interpreted dynamic language, to the other extreme, i.e. native code. There is a sweet spot in between, that of bytecode, that offers portability and good performance on par with native code, and also better security than native code.

Re:It is surprising no one thinks of bytecode.

They have. It's called Java.

Re:It is surprising no one thinks of bytecode.

I think you're forgetting about JVM and MSIL, both bytecodes that have been proposed for running code on the web, not to mention the Flash virtual machine which thus far has been the most successful mechanism for executable code on the web after JavaScript.

Re:It is surprising no one thinks of bytecode.

[Guspaz]

Haven't they sort of? Google plans to use LLVM to make it portable (an intermediate form that can be translated to different instruction sets as needed), Microsoft uses CIL with Silverlight (which as much as the Linux community might not like it, is opensource and supported by the two top desktop platforms), Java has their own thing going...

Re:It is surprising no one thinks of bytecode.

[master_p]

But there is not a web bytecode standard. And I think LLVM cannot be used for JIT.

Re:It is surprising no one thinks of bytecode.

[Guspaz]

If you can natively execute LLVM after an initial translation step, why would you want to JIT it?

Re:Enough with the "sandboxing is perfect" bullshi

[grumbel]

Sensible people, on the other hand, see sandboxing as just one more tool in the toolbox.

So please enlighten us. How do you run untrusted code on your machine without some kind of sandbox?

Broken on XP for me

[Cato]

Unfortunately I get the message "requires an OpenGL card" on Windows XP SP3 with an NVidia GTX260, which definitely has working OpenGL. I've seen reports of this problem on MacOS too.

Hope Supergiant Games can fix this - since this is a web-delivered application, I'd hope they can grab hardware/OS details, with user permission, to help in resolving the issue.

Re:Broken on XP for me

Ditto for me. Same OS, but an even older NV gfx card – not so old that it doesn't do any OpenGL, though. I didn't expect a current game to work with it in the first place, but I don't get why not a single app in the Chrome Webstore mentions any minimum requirements. If for example Supergiant Games wants to let me know that my PC is too old to play its games, wouldn't it make sense to inform me which OpenGL version a new gfx card needs to support at least instead of claiming I don't have an OpenGL card at all?

It's actually a good idea

[TobiX]

Think of how most developers are using Javascript nowadays: it's a target language for their compilers.

Whether the source was Java (GWT compiler) or Javascript itself (YUI compressor, Google closure compiler) the fact remains that what browsers are given to run is not what the developers wrote. Which is standard practice in the software business (it's called compilation) and for good reasons.

Now, JS makes for a poor machine language. So we could either beat around the bush with an intermediate bytecode language (Java went there, and Python and all the others too, with varying results) or go for the real thing and come up with a good x86 sandboxing and code verification standard.

Remember, x86 is currently in use by 99% of desktop machines. When other architectures will gain momentum, websites will just offer two or more compiled versions of their code. In the mean time, they will just have to emulate or translate the x86 instruction set, a task for which a large open source code base has already been developed, and which would still be more efficient than parsing plain Javascript, by several orders of magnitude.

So what's the problem with that, again?

... security reasons

[Lazy+Jones]

He said Google wants to bring native applications to the Web for performance and security reasons,

Perhaps it's just me and the security advantages of running native code instead of JS or anything on the JVM are immediately obvious to everyone else, but this sounds like Google is somewhat out of touch nowdays and lets marketing people "sell" the technology decisions to geeks...

Broken

I own Bastion already on Steam. It works perfectly fine. I thought I'd give the Chrome demo a shot. Nothing but a black screen in-game. Don't waste your time for now.

Re:Broken

[thePowerOfGrayskull]

I own Bastion already on Steam. It works perfectly fine. I thought I'd give the Chrome demo a shot. Nothing but a black screen in-game. Don't waste your time for now.

I do not think this word means what you think it means.

Re:Broken

[Guspaz]

Truly, you have a dizzying intellect.

Re:Broken

[thePowerOfGrayskull]

How perceptive of you! My good sir, I often make myself dizzy in mere contemplation of the vastness of it!

Infinity

[iliketrash]

'What would it be like if we could run native code inside the browser..."

This sounds awesome. Maybe I will finally be able to run a browser inside my browser.

Less more "biased" than Google's

"Umm, yeah, like there's no bias there. Find me a reputable source for those statements." - by swillden (191260) on Saturday December 10, @10:09AM (#38325754) Homepage

Security study of FireFox -> http://news.slashdot.org/story/11/12/10/1349212/google-funded-study-knocks-firefox-security except that MS' study uses a program to perform its checks... rather than just make statements.

PLUS: The test was done by a PROGRAM testing for flaws, & whatever results it put out, should be laid to blame as the "biased" tool, not Microsoft (who are pretty reputable after all, being one of the largest software oem's in existence).

---

"Complete red herring. That article isn't about security flaws in the JVM, it's about programmer errors in apps written in Java. It's also a really, really poorly done study." - by swillden (191260) on Saturday December 10, @10:09AM (#38325754) Homepage

You missed this portion of that article regarding the JVM itself, here's the "pertinent quote":

---

"The JRE contained some of the most common exploits, he said. Vulnerabilities in the Java Virtual Machine (JVM) and Java Development Kit (JDK) for Java SE were also popular targets. Between a third to a half of all exploits detected by Microsoft's anti-malware were Java exploits."

---

Also - Does it MATTER where the flaws come from?

Flaws are flaws, be they in SUN Java's VM, or in the code written that is interepreted by the Virtual Machine...

THUS, it wouldn't matter WHERE THE ERRORS COME FROM, they cause hassles for END USERS... period!

---

"Nope. Try again. But see if you can find something *real* this time (you can't)." - by swillden (191260) on Saturday December 10, @10:09AM (#38325754) Homepage

This is as "real" as it gets (though I prefer posting real-world practice findings as I did above & in my initial post you replied to) -> http://secunia.com/advisories/product/12878/ & you can check NISTS' National Vulnerabilities Database for the same type of information if you wish...

APK

P.S.=> I posted the last link, since it seems you're more of a "statistics man" apparently, & because you wish "unbiased sources"...

So, the last link above is exactly that (SECUNIA's db for unpatched security vulnerabilities & specifically for JAVA)...

... apk

Re:Less more "biased" than Google's

[swillden]

THUS, it wouldn't matter WHERE THE ERRORS COME FROM, they cause hassles for END USERS... period!

The subject of the discussion was whether or not sandboxes work. Programming errors in code running in the sandbox are irrelevant to that topic; what matters is whether or not malicious software can break out of the sandbox.

This is as "real" as it gets (though I prefer posting real-world practice findings as I did above & in my initial post you replied to) -> http://secunia.com/advisories/product/12878/ [secunia.com]

Wow a total of four vulnerabilities discovered in 2011. Thank you for making my point.

Java VM's problems noted in article

You missed this portion of that article regarding the JVM itself, here's the "pertinent quote":

---

"The JRE contained some of the most common exploits, he said. Vulnerabilities in the Java Virtual Machine (JVM) and Java Development Kit (JDK) for Java SE were also popular targets. Between a third to a half of all exploits detected by Microsoft's anti-malware were Java exploits." from http://www.theregister.co.uk/2011/12/02/microsoft_java_vulnerabilities/

---

The article says it all for me, vs. your stating this earlier here in this exchange:

"That article isn't about security flaws in the JVM" - by swillden (191260) on Saturday December 10, @10:09AM (#38325754) Homepage Journal FROM -> http://games.slashdot.org/comments.pl?sid=2567136&cid=38325754

So much for THAT, eh? I say that, because what's JUST ABOVE IT IN MY REPLY HERE, direct from the article, just puts your words back in your mouth

APK

P.S.=> Sandboxes get broken, even Java's before -> http://developers.slashdot.org/story/04/11/24/1323228/Cross-Platform-Java-Sandbox-Exploit

( ... & yes, the Java VM (& other portions around it) have unpatched security vulnerabilities, even the latest models, per my sources on that also)

... apk

Re:Enough with the "sandboxing is perfect" bullshi

[MadKeithV]

Sensible people, on the other hand, see sandboxing as just one more tool in the toolbox.

So please enlighten us. How do you run untrusted code on your machine without some kind of sandbox?

Root someone else's machine and run it there.

Re:A plugin to rule them all..you for got the rest

[MadKeithV]

Like Tolkien wrote years ago: Ash NaCl durbatulûk, ash NaCl gimbatul, Ash NaCl thrakatulûk agh burzum-ishi krimpatulgoogle.

Technology Technology is too strong

[Taylorz1]

They are really strong technological strength,Envy ah!cheap ugg boots