Google's Chrome OS does not run local applications or store local data. Everything is handled inside the browser. But when the much-hyped operating system debuts on netbooks at the end of next year, you can bet it will execute native code on behalf of online Google applications such as Gmail or Docs and Spreadsheets. In other …
Linux Security Modules
are a great technology that can be used for safely executing untrusted native code at full native speed. LSM intercepts all operating system calls and thereby enables a browser that uses LSM to control what a native-code applet does.
This of course implies that all system interaction (such as accessing the screen, the net and the input devices) is controlled by the browser and performs some additional checks. Very similar to the Java Security Manager. Except that one does not need the sluggish JVM.
I am not sure whether Windows Vista or W7 does have an equivalent technology to LSM, but there is no reason to wait until Windows catches up. Google is playing the consequent innovator currently and it pays off in their quest to get more and more data from the user in a perfectly machine-readable form. Nevertheless, the idea is great and it is needed for things like downloadable high-speed games or downloadable CAD applications. LSM provides the basic technology and it is high time to make native and secure browser applets possible. The Java cancer is not needed at all.
Why so angry at Java? Think it sucks? Stick to your crappy C++ life then and keep your vitriol too...
Oho, Java sluggish?
We're not with the times, are we? Java 1.4, released circa 2001/2 was the last of the sluggish VMs. Java 5 was good, java 6 is fantastic. At least make sure your vitriol is current...
Now I see Google more in the likes of AOL/Compuserve and Microsoft: you have to use their "browser" to use their services and they keep pushing new ActivePlugins(TM) to improve your experience.
Soon Google will send out free CDs containing Chrome.
Later we'll just type "ELREG" on the address bar to access this news ActiveChannel. Oh wait, it isn't 1999!
And dear Moderatrix, we need a "Evil Google" icon.
Gates -- should be Schmidt, Page or Brin.
ActiveX/Flash/Compuserve/... were/are closed systems, vendor lock-in. Google has the code open, so there can and will be ports to other browsers.
They are just creating an open system, but I see you'd rather use closed systems just because they are more popular at the moment or come from your dear friends at MS/Adobe/...
More crap aimed at putting everything in the hands of the application provider instead of the user. Google is the Microsoft of the second decade.
re: Googletubes 3.0
"Soon Google will send out free CDs containing Chrome."
Ooooh, good-o! New coasters!
I've started seeing ads for Google Chrome by the side of the road. Not online ads, these are billboards, printed, on real-world advertising hoardings.
This from the world's biggest online ad broker. From a company who's name has become almost synonymous with T'internet. A company EVERYONE has heard of.
So now they feel the need to advertise their browser offline? Just what the fuck are they playing at...?!
"They are just creating an open system"
... that is capable of grabbing so much more information about you for storage in the Big Brother archive. Be scared. Be very scared. MS for operating systems only, Google for search only, Apple for iPod tech only... too much of any one is bad for your privacy.
forgot to ask
i can has x64?
NaCl => Sodium+Chlorine = Salt?
If memory serves, isn't NaCl the chemical formula for Salt?
Is that what they'll call the language/environment?
if memory serves, SALT was the name of the scripting engine in the Telix communication program back in the DOS 90's.
Hobby horse, spotted
Well, Cade, that's three articles from you knocking Google in less than 24 hours. Are we starting to spot signs of an obsession, or an agenda?
It is just that Cade has seen through the facade and spotted the evil empire. The chocolate factory might just be on a blockade at the moment, but in a few movies time they will be building death stars.
What is wrong with these guys? The requirement is for a way of sending instructions down the wire to be executed at near-native speed on the client without the client having to trust the server.
The JVM is a direct attempt to solve this problem, with verifiability and sand-boxability designed in from the start and no attempt to "optimise" (read: constrain) the ISA for a particular subset of applications. The technology is mature, proven, open, and is available on quite possibly more platforms than Google's own website. (Java sucks, but that's another matter.)
Script, .NET, ActiveX, Flash and the others either duck the security issues or specialise for a subset of applications, or both. Embarrassingly, most of them post-date the JVM but ended up significantly less capable. It looks like Google are about to join the idiot brigade.
Their reluctance to use the JVM demonstrates that they don't like one or more of these attributes. I wonder which it is? Probably not "mature" or "proven" or "available".
Yeah, but it's still crap.
With version compatibility issues and terrible performance, this is still Sun (or, worse, Oracle's) managed playground, not to mention crime against humanity.
It's a pity really - great utopian concept, scuppered by poor execution.
Reluctance to use the JVM
Well, if they don't use the JVM it is much harder for others to add value without reference to Google. After all, if you are forced to use a Google language, you are also restricted by its capabilities (or lack of). Give people Java and they'll be getting up to all sorts of mischief. Its about control, after all.
Lets see the evidence, or it aint so!
Correct me if I'm wrong but isn't that abbreviation already taken by oh, I don't know...table salt?
In other words...
... Google has realised the limitations of trying to do everything over the web and is trying to bypass this by getting people to download single-use instances of applications which require processing power which can't be had while running in an interpreter.
Having taken a look at Chrome OS I saw nothing new, innovative, or interesting -- frankly my E71 running the now almost-retired Symbian is much more functional and "exciting".
Unfortunately, I've a nasty feeling that Google's new version of WinCE in kiosk mode will take off and we'll have an even bigger push towards storing everyone's data in a multitude of databases scattered around the planet.
Didn't MS try this?
I'm pretty sure MS tried a similar thing, by having hooks into the OS\Browser that only they knew about and so could leverage better performance than their piers. I'm also sure this was found to be illegal on anti-competition grounds?
Virulent Guerrilla Opportunity Knocks and Crashes through Cracked Windows and Open Doors.
NaCl ...... Virtual SALT Controls ...... with GoGoOgle Leading Nations and Natives SMARTly and Subliminally with SMARTer Acting Sublime Natives in Nations Providing InterNetional InterNetworking Security Stealth Protocolled Programs ........ for AIRecursive Virtual SOSOS .... Shining Open Source Operating System ...... Sparkling Chrome?
Although you can be sure that there will be those who will recognise that as being a very Spooky Application in ProgramMING too. Indeed, in Larger IT Fields [and that may be a lot easier for Earthlings to Accept as Existing and Leading with Future Events, rather than them being either Further Easily Confused or Unduly Crazily Alarmed about All Powerful Underground Alien Chatter in HyperRadioProActive CodeXSSXXXX Channels] it may even be a Native Client Application making Beta Use of Google's Largesse and Running ITs BIGCHEESE Corporate Security Client Software ...... Virtual Phormware ........ for Stealthy Sublime Semantic Capture of Futures and Derivative Markets in ITs Vibrant IntelAIgent Business Enterprises.
""To help protect users from malware and to maintain portability, we have defined strict rules for valid modules," Google said when it first open sourced the project.
"At a high level, these rules specify 1) that all modules meet a set of structural criteria that make it possible to reliably disassemble them into instructions, and 2) that modules may not contain certain instruction sequences. This framework aims to enable our runtime to detect and prevent potentially dangerous code from running and spreading."" ...... It would be helpful/informative and enlightening to know the criteria and the certain instruction sequences which are referred to here, or are they to remain undisclosed and unarticulated as proprietary trade secrets for traditional competitive business advantage, and thus only to be guessed at?
"But Google is going to do what it's going to do. As he discussed the possibility of hardware acceleration on Chrome OS at that November press conference, Matthew Papakipos went so far as to say: "We do think Native Client is an important part of this story." Not that he was ready to go into detail. But surely, we can connect the dots." .... If Google is as Smart as it Needs to be to Lead from the Front with everyone Following ITs Native Clients' Visions on/in a Browser [and "in a Browser" is an important pedantic point to consider for Humanity to Make Full Use of the Future Virtualised for Real] then the dots will be Remotely Controlled to Draw for Painting whatever Picture Virtual Machinery Controllers would wish to Present as AIBeta Future Program.
"Later we'll just type "ELREG" on the address bar to access this news ActiveChannel .....Googletubes 3.0" Renato Posted Thursday 24th December 2009 05:52 GMT
Type it into any address bar nowadays, Renato, and you have the Future revealed to you, and One can InterReact with ITs Active FutureBuilders XSSXXXXChanging Qubits and Great Bytes of Code and Information for Intelligence to Map and Chronicle and Share CyberIntelAIgents Progress in AI and QuITe Alien Quantum Control and Communications Fields .... Live Operational Virtual Environments.
Now all IT needs is for MS to get its Act together and do what it does Best and Launch AI Private Pirate Program with Cloned CodeXSSXXXX. Or is that something Larry "Oracle" Ellision will Sail with into the Fray? And don't misunderestimate an Opera in the Key of Apple which can Sing a Song in Tune with the Masses and move at Whopping Warping Light Speeds, unhindered by Anchors and Excess Baggage. ........ but one thing is certain, their Success or Failure to Capture the Future will always depend up the Intelligence of One Being ..... and that is invaribly the One who makes the Mergers and Acquisitions Decisions and writes the Checks and Balances and of course, the Cheques. :-) ..... when Money makes the World Go Round ..... although it all goes Catastrophically Pear Shaped whenever Intelligence is Missing and Avaricious Greed occupies Birds' Nests.
Obviously, the earthlings may not "get this" though.
Smart Suffrage or Global Collapse ..... Fortunes Made or Ruined at the Click of Mighty Mice.
"Obviously, the earthlings may not "get this" though." ..... Tom 106 Posted Friday 25th December 2009 18:34 GMT
The Information is not Geared for them Currently/Presently, Tom 106, but rather more for They Who/That Which would/can Sublimely Control Them Effortlessly. Big CH Ease for the Binary Industrialist into Google Copernicus Hosting Environment and Experiment in Search Engineering.
In NEUKlearer HyperRadioProActive IT, which with Quantum Control of Communications Delivers Transparency with a Big Bang Bus for Universal Singularity, is that for Native Clients a Strategic Alms Radical Transmission.
In SMARTer Enabled and Enabling Field Offices of CyberIntelAIgent Security such is AI START rubbing SALTs into Dumb and Dangerous CyberWarfaring Games Rooms'Open Wounds/Solo Cracked and Military Intelligence Community Hacked Systems. And of course, there is a Healing Salve readily available, too.
Welcome to All Playing the Great Game for Real, and Virtually in Control Remotely of ITs Shared Transparent Quests. And the Point of the Game is to Create an Altogether Better Beta Power System which One Donates to Others for the Exercise of Absolutely Fabulous Mutually Beneficial Control.
- "New ActiveX": Also known as NPAPI? NPAPI is old and too complicated. But seriosuly this idea is nothing new.
-"Run code natively": Wasn't this what browser have been aiming all along?
New ideas? Hardly. JIT and VM are the tech used in Java and .NET.
So what does it all come down to?
Propriatary/custom (albeit over-hyped as "open-source") technology which few services may tap into.
Google Chrome OS is NOT for the web. It is a separate product.
Maybe call it Web 3.0 or something. But it doesn't and won't use the current technology.
More Guano than Bull in a Shit Bear Market ..... to Replace Empty Rhetoric with Promised Change
"Google Chrome OS is NOT for the web. It is a separate product." ..... Bull SHIT, uuf6429 Posted Thursday 24th December 2009 11:27 GMT
It would not be wrong to say that it is a separate product for Strata in Cloud. A statement which a simple question of the appropriate Google hierarchy would/should/could confirm as any denial would be rather pointless whenever a Native Client would be actively using the Concept Beta as such, in ITs Programs.
I Don't Get It...
If their goal is "write once, run anywhere" then how is NaCl any different to platform-specific pre-compiled Java? (i.e., no JVM needed). And if their goal is "write many times but run fast" then how is that different from downloading and running a native app?
Why do Google feel the need to further fragment the Web when writing native client apps would be easier and better? As my title states, I don't get it.
Or in other words...
...Google knows the difference between "idealism" and "pragmatism".
For example, here is the corrected version of a quote from the article:
"After the release of Chrome Frame - which essentially put a [standards compliant] browser inside a [non-standards compliant] browser..."
Cade, we all get it that you feel the need to put a negative spin on anything that Google does but whatever it is you need to just move on.
Looking at the thumb-ups and downs there are sadly enough tinfoil hatters here to justify the drip-feeding of Google-is-evil stories but could you please at least separate them into a commentary section so the rest of us can just read the news?
not the point
The problem with Google Frame is that it increases the level of complexity for the end user. The user is suddenly running Chrome but everybody who doesn't explicitly know that will assume they are running IE.
That opens a whole can of worms as far as security is concerned.
Not to mantion hat complexity is the enemy of secure design.
Seeing a bogeyman around every corner must be a pretty depressing way to live your life. Do you perhaps suggest that Google instead not bother writing any plugins, and wait for browser makers to catch up?
Hmmm all we need is a distributed peer to peer search engine type o' database jobbie and we can say good bye to google and their witchcraft pretending to be opensourcery.
Google will need something to compete with MS Office online's use of Silverlight and "native client" is the cleverly named plugin that will help them in this respect. Nice to hear developers come to word with their concerns.
The market will go for the fastest solution. Security is still an afterthought in most of our minds and companies will be able to get away with promising improvements in the next version.
In other news
I have this round thing that rolls along and has real potential for transport applications - I'm so surprised that no-one thought of it before now.
@Those mentioning Sodium Chloride:
You might want to go back and look at the article with the images enabled. ;~)
" With the next preview release of Opera 10.5, it will add support for native video codecs, mirroring what Mozilla has done with Firefox. "
Praytell... will that mean adding in another set of codecs for each video type, or will it happily share the codecs that I installed for VLC?
The system _may_ shield the native code from the OS, however it cannot shield it from the CPU. In an ideal world this shouldn't matter, however there have been many cases of security critical CPU bugs. The most famous one was the FOOF-bug where a certain sequence of instruction bytes could simply put the CPU to a halt.
Now with multi-core CPUs and shared caches, it doesn't seem to be unlikely that there are whole new classes of bugs which might be exploitable.
What is the problem of downloading, for example, forth code and then simply compiling it for your platform. Seriously in times the main problem is memory bandwidth, optimisation of code speed becomes less important.
Mozilla already did this
[...]Google is playing coy over the role of native code in its fledgling OS. But the company says its Native Client project - which executes native code inside today's Google Chrome web browser[...]
Which then allows you to do stuff like this:
You are plainly WRONG. Linux Security Modules are as much a sandbox as the JVM or the .Net VM. Every single OS call, including the call that increases process size, can be intercepted and checked for correctness. SE Linux, for instance, allows you to execute untrusted binary code safely, based on LSM.
Native code can even be hand-coded Assembler and that is often 10 times faster than a similar piece of C code or 40 times faster than similar Java code. Especially if you use SIMD instructions such as SSE. There is a big need for natively executed, untrusted code.
Regarding the instruction set issue, the pragmatic way is to just compile the C source code into every important CPU instruction set and have it available on the web server that hosts the applet. Some sort of automatic mechanism of selecting code for the respective platfrom can be trivially implemented. If there is any assembly code, hard work is needed, though. But that is the price you pay for highest performance, obviously.
Arm? Mips? IA64? amd64?
The problem with native client is that although google plan to support x86 and arm, what about other architectures? Will we be forever tied to x86 and arm? The chinese make a good line of cheap low power mips based processors...
Also, even tho the platform may *support* 2 architectures, it will be up to individual developers to compile their code for both... How many sites using this will actually bother to support more than just x86?
One of the best points of web based applications is that they free you from being tied to one platform, and while google's plans may free you from software lock-in, they will create a new form of hardware lock-in.
As for performance of native code, i doubt it will be able to take advantage of special features present in modern cpus, for instance *some* arm processors have video decoding or encryption processing hardware but precompiled binaries will have to be lowest common denominator to support the widest range of target systems. A JIT compiler like java can theoretically take advantage of such features.
Also, google have tied android to a java based system...
Wouldn't it make more sense for google to work with the openjdk folks to improve java?
Sounds like a signed Java archive to me.
What is the web anymore?
There was a time when the Web was about setting up a way of sharing content, via hyperlinked documents, that could be rendered somewhat consistently on any platform.
It almost seems like the proliferation of webservices and increasing levels of functionality (complexity) being wedged into the browser are as much of a ploy to get around the network firewall security nazis as it is to usurp OS's and application platforms. In the old days, if I wanted a client server app to pass data over the Internet, I would establish a protocol, secure it with some sort of encryption, reserve a port and let my networking guys know that the port needed to be mapped to a server.
Getting back on point - if Google wants to make an application platform, they should start from a clean slate and quit encumbering the web. HTML5 has some elements of this (sockets, media rendering) but it's not enough, it's creaky, inelegant and has a lot of the traits of something that has been kludged by committee over time.
Developers need a real, distributed application platform. Stateful connections (without cookie lameness), straightforward persistence, consistent and known media formats, data interchange without having to muck about using XML or JSON, scalable vector graphics, a consistent UI toolkit. All this sort of sounds like what Java could have been, but the execution was a failure. Google can make this happen. They can build runtimes for Windows, Mac and Linux. Better yet, Google could create its own OS to optimize the implementation (but it should be more than Chrome running as a shell on top of Linux). This could finally be the thin-client solution shops have been promised for time-immemorial.
Going forward, keep the new releases well-versioned. Major new functionality (touch support, speech recognition, 3D, new media formats) should be major releases; minor functionality and bug fixes should be minor.
The native code browser add-in approach described seems like the same bad idea of making a browser and the web do things they were not designed to do, with the historical precedence of Netscape plug-in's, ActiveX and Flash. Start over.
Nobody has mentioned HTML5 offline... combined with NaCl and offline cache/USB devices, you'll be able to edit video/photos offline, almost able to do anything you could with a normal PC.
What use is all this from Google, for those that like to work with their machines switched off from the net?
Seen a lot of billboards here in the UK advertising the Chrome browser. Whats that all about? My theory is: Google plan to launch some features of the Chrome OS for other OS's, but will only make this available via the Chrome browser.
Hear hear, very little is ever mentioned about the fact the internet is not high speed EVERYWHERE.
As much as one might like to use a web only OS with what amounts to activeX to use native code, there are still very large areas of the world without ANY BROADBAND.
Here is a list of some areas that are lagging behind:-
Spain (in a big way)
All of the middle east share a 128 Kb connection (or so it feels like).
Portugal in large areas
UK in non-urban areas (less so now but still true for some)
Evil google, not really, but they dont make me want it. Why waste all my laptop power on web only apps or get a netbook and be stuck with only online. Why cant i use a text editor to do some code on the train. Why cant i use offline video viewing tools, since i pay through the nose for bandwidth.
Please, please, please....
.....can the hideous photographic link for this story be removed from the front page? I read this site when I'm eating my lunch, y'know?
I don't need that pair of fuglies staring at me - it's making my feckin eyes water....
- Does Apple's iOS 7 make you physically SICK? Try swallowing version 7.1
- Fee fie Firefox: Mozilla's lawyers probe Dell over browser install charge
- Pics Indestructible Death Stars blow up planets with glowing KILL RAY
- Video Snowden: You can't trust SPOOKS with your DATA
- Review Distro diaspora: Four flavours of Ubuntu unpacked