Slash Boxes

SoylentNews is people

posted by Fnord666 on Friday June 02 2017, @07:19PM   Printer-friendly
from the virtual-town-hall dept.,34583.html

Google announced that its Portable Native Client (PNaCl) solution for making native code run inside the browser will be replaced by the new cross-browser web standard called WebAssembly.

Around the same time Google introduced Chrome OS in 2011, it also announced Native Client (NaCl), a sandboxing technology that runs native code inside the browser. This was initially supposed to make Chrome OS a little more useful offline compared to only running web apps that required an internet connection. Two years later, Google also announced PNaCl, which was a more portable version of NaCl that could work on ARM, MIPS, and x86 devices. NaCl, on the other hand, only worked on x86 chips.

Even though Google open sourced PNaCl, as part of the Chromium project, Mozilla ended up creating its own alternative called "asm.js," an optimized subset of JavaScript that could also compile to the assembly language. Mozilla thought that asm.js was far simpler to implement and required no API compatibility, as PNaCl did. As these projects seemed to go nowhere, with everyone promoting their own standard, the major browser vendors seem to have eventually decided on creating WebAssembly.

Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by tibman on Saturday June 03 2017, @03:57AM (2 children)

    by tibman (134) Subscriber Badge on Saturday June 03 2017, @03:57AM (#519723)

    The no-script way to do that is to follow the document each comment with a link to a separate document containing a form to reply to that item.

    That's not "no-script". That's no client script. There is still a web developer writing code to validate your comment, store it, and render the dynamic document. That's a long way away from the original quote "the question remains why the web is anything more than a document system". You'd have to redefine document to mean anything rendered to the screen.

    I totally agree that the current state of chat really sucks. I remember when people were using libaim and similar libraries to write their own chat client that communicated over open-ish protocols.

    SN won't survive on lurkers alone. Write comments.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by frojack on Saturday June 03 2017, @04:57PM

    by frojack (1554) Subscriber Badge on Saturday June 03 2017, @04:57PM (#519904) Journal

    That's not "no-script". That's no client script.

    Well DUH!.

    The thread started with a condemnation of the practice of foisting all manor processes to run on the client side.

    Client side scripting is, after all, the root of all hacks. Sandboxes have been historically a majestic failure as each successive pwn2own proves over and over again.

    We've been doing this stuff for going on to 30 years now, and it has gotten progressively more risky each year. Not just because the stakes got higher (on line banking, remote control of machinery, etc), but also because the attack vectors are expanding with each new gotta-have feature, and each new browser plugin.

    Serious browser induced exploit announcements use to occur maybe once a year. Now they are revealed once a month.

    Yet we continue to add stupid extensions to browsers. Now my browser can manipulate to my blue tooth. Who ever thought that was a good idea deserves a 38 caliber vasectomy.

    No, you are mistaken. I've always had this sig.
  • (Score: 2) by JNCF on Saturday June 03 2017, @05:24PM

    by JNCF (4317) on Saturday June 03 2017, @05:24PM (#519919) Journal

    That's not "no-script". That's no client script.

    In this context, the term "NoScript" [] is just concerned with the client.

    You'd have to redefine document to mean anything rendered to the screen.

    The distinction being drawn is whether or not there is arbitrary logic happening in the browser. You can have an embedded video and still be "just a document," if your video is embedded using a DOM element. If you roll your own video player, that's "more." You can deliver a document with comment boxes and submit buttons, and as long as they're only making requests which redirect the browser the original page is still "just" a document. If there's a client-side script involved in processing the form data it becomes "more."