The Null Device

Posts matching tags 'chrome'


Recently, the annual Pwn2Own contest took place; in it, participants try to take over a computer by exploiting security holes in a web browser, and capture the flag (in this case, a file on the computer's hard drive). This year, all the browsers but one fell; Firefox 3.6.2 (though it's not clear whether NoScript would have mitigated this), IE8 and Safari all fell; one of the hackers even pwned an (un-jailbroken) iPhone and made off with the SMS database. The one browser that remained standing: Google Chrome, not because it's bug-free, but because the sandbox mechanism makes exploiting bugs impractical:

"There are bugs in Chrome but they're very hard to exploit. I have a Chrome vulnerability right now but I don't know how to exploit it. It's really hard. They've got that sandbox model that's hard to get out of. With Chrome, it's a combination of things - you can't execute on the heap, the OS protections in Windows and the Sandbox."

chrome firefox iphone security 0


WIRED has a piece by Steven Levy looking behind the scenes of Google's Chrome web browser project:

Because Chrome was supposed to be optimized to run Web applications, a crucial element would be the JavaScript engine, a "virtual machine" that runs Web application code. The ideal person to construct this was a Danish computer scientist named Lars Bak. In September 2006, after more than 20 years of nonstop labor designing virtual machines, Bak had been planning to take some time off to work on his farm outside Århus. Then Google called.
Bak set up a small team that originally worked from the farm, then moved to some offices at the local university. He understood that his mission was to provide a faster engine than in any previous browser. He called his team's part of the project "V8." "We decided we wanted to speed up JavaScript by a factor of 10, and we gave ourselves four months to do it," he says. A typical day for the Denmark team began between 7 and 8 am; they programmed constantly until 6 or 7 at night. The only break was for lunch, when they would wolf down food in five minutes and spend 20 minutes at the game console. "We are pretty damn good at Wii Tennis," Bak says.
Speed may be Chrome's most significant advance. When you improve things by an order of magnitude, you haven't made something better — you've made something new. "As soon as developers get the taste for this kind of speed, they'll start doing more amazing new Web applications and be more creative in doing them," Bak says. Google hopes to kick-start a new generation of Web-based applications that will truly make Microsoft's worst nightmare a reality: The browser will become the equivalent of an operating system.
Google also brought in reinforcements to implement the multiprocess architecture that allowed each open tab to run like a separate, self-contained program. In May 2007, it acquired GreenBorder Technologies, a software security firm whose technology was designed to isolate IE and Firefox activities into virtual sessions, or "sandboxes," where malware intrusions couldn't mess with other activities or data on your computer. When the deal was announced publicly, tech pundits wondered whether it meant that Google was going into the antivirus business. Only after the acquisition did GreenBorder's engineers learn that their job was to construct sandboxes for the tabs of a new browser. "It was confusing," says Carlos Pizano, one of the GreenBorder hires. "They would not say what they wanted to sandbox."
Meanwhile, the Chrome beta's licensing agreement apparently gives Google rights to use anything you create using it for promoting its services. This alarming clause appears, however, to be the result of an oversight; the licensing terms appear to have been copied from Google's web applications, and make little sense for a BSD-licensed open-source web browser (after all, anyone who doesn't like the EULA could produce an EULA-free though otherwise identical version of the browser merely by recompiling it from the source).

chrome google tech web 0


Google are apparently working on a new web browser. Named Chrome, the browser is designed more like an operating system which happens to be based on web technologies like DOM and JavaScript than a traditional browser; different pages are separate processes (and about time, too) and privileges are compartmentalised to fortify security. Meanwhile, the web rendering implementation is based on WebKit (the Apple/KDE open-source web engine), with a JIT-compiling JavaScript engine optimised for application from a Danish company named V8 (I wonder how it compares to Apple's Squirrelfish and Mozilla's new engine). Alas, there's no code available (and the URL given returns a 404); instead, Google have given us a beautifully drawn 38-page comic by Scott McCloud, illuminating the technical innovations and the reasons for them, in great detail and with no small amount of humour:

That's all the detail that seems to exist so far. There is a possibility that it's just an elaborate feint; Google could, in theory, have paid McCloud some huge sum to draw a comic to specification, peppered with technical versimilitude, purely in order to send Microsoft/Apple/Yahoo!/whoever's development teams on a wild goose chase. Though I suspect that there is an actual product there. For one, Google are known to use WebKit on Android. More importantly, though, a browser designed as a web application operating system (with the expectations of performance and stability that implies), rather than an information viewer with programmability grafted on as an afterthought (as is the case with current browsers), would line up rather nicely with Google's strategy to make the web into a first-class application platform.

There are no details on what platforms Chrome will run; it is open-source (and other projects, or those willing to fork those, will probably have a field day with this), and the comic does mention Windows in one place, so presumably a Windows version is planned. I'm guessing that Google aren't doing this to help Microsoft sell Windows licences, though, so presumably this is not the only version planned. A Linux desktop version, running on top of X, is probably likely. Another possibility is it running over something lighter than the average Linux desktop, making a robust web-browsing appliance on which the browser meets the conventional definitions of an operating system; either Android or some other lightweight OS.

The other option, of course, is that this is an elaborate hoax, akin to the Photoshopped "spy photos" of new Apple Mac tablets and other fantastic gear that are a regular feature of gadget blogs. The fact that Google's Chrome page doesn't yet exist (at time of writing) does suggest this possibility. Though this would imply that the hoaxers had an enormous amount of time on their hands, excellent comic drawing skills and an uncanny mastery of the drawing style of Scott McCloud.

Update: Google have confirmed Chrome. It's initially a Windows product (presumably to win market share before IE8 comes along and shuts off Google's oxygen with its advertising cookie blocker), though Mac and Linux versions are in the works. The Windows version will apparently be out tomorrow.

(via /.) chrome comics cs design google javascript scott mccloud tech vaporware web 3

This will be the comment popup.
Post a reply
Display name:

Your comment:

Please enter the text in the image above here: