Ral...@googlemail.com
Dec 11, 2008, 4:10:24 AM
to Native Client Discuss
NaCl is currently a research project of Google. As a research project
and as a project of Google there is a high chance it will be
abandoned.
So my question is how likely is it the research project will become a
"product" and how will you try to push it to the users?
An obvious way is to deliver it with Chrome. But I guess this is not
enough, it would be really helpful if Firefox would include it in the
installation, too.
As I really, really like it - I would love to see this as a standard.
It would finally remove nearly all artificial restrictions of current
web-apps. Personally I consider many current web-apps a toy. While a
web mail client like Google Mail is a nice thing, other serious
software like picture/video/audio-editing, games and business software
is limited to a performance comparable to 8-bit computers from the
80s. A "word processor" as a web-app is a joke. Basically you rely on
an existing functionality in the browser (design mode). This means it
is _fixed_. You can not extend it beyond a certain point, without
changing _all_ browsers. So, IMO something like NaCl is already
overdue.
Actually, a sandbox like NaCl is probably the only secure way for
nearly all software.
Something like UAC from Vista does no longer match the requirements of
an operating system (Linux/Unix/MacOs is in _no_ way better!).
The fundamental problem is this:
Current operating systems isolate processes and access rights by
_users_ and not per process!
What does it help if a process can not modify a system file, but is
allowed to send all my data to a third person?
So, IMO every program executed should run in a sandbox! The sandbox
should be designed in such a way that a program by default can only see its
own files, its own processes, ... The program "thinks" it is the only
program running on a computer. Every access to data not written by the
program itself has to be explicitly requested and is granted on a per
file/directory basis. So, even if I as a user give access to some of
my documents to a malicious program, it will never have access to my
saved passwords, email, etc. In addition it should only be possible to
launch a program from specific directories.
Well, I think all this is the job of an operating system and not a
browser. A browser should run in a sandbox supervised by the OS and
not the other way round. But what does it help if all OS-makers just
rely on an outdated security model and are too narrow-minded to really
think of alternative models - and finally _deliver_ a solution...
So, Google please go on!