back to article Google Chrome OS goes native (code)

Google's Chrome OS does not run local applications or store local data. Everything is handled inside the browser. But when the much-hyped operating system debuts on netbooks at the end of next year, you can bet it will execute native code on behalf of online Google applications such as Gmail or Docs and Spreadsheets. In other …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Thumb Up

    Linux Security Modules

    are a great technology that can be used for safely executing untrusted native code at full native speed. LSM intercepts all operating system calls and thereby enables a browser that uses LSM to control what a native-code applet does.

    This of course implies that all system interaction (such as accessing the screen, the net and the input devices) is controlled by the browser and performs some additional checks. Very similar to the Java Security Manager. Except that one does not need the sluggish JVM.

    I am not sure whether Windows Vista or W7 does have an equivalent technology to LSM, but there is no reason to wait until Windows catches up. Google is playing the consequent innovator currently and it pays off in their quest to get more and more data from the user in a perfectly machine-readable form. Nevertheless, the idea is great and it is needed for things like downloadable high-speed games or downloadable CAD applications. LSM provides the basic technology and it is high time to make native and secure browser applets possible. The Java cancer is not needed at all.

    1. Anonymous Coward
      WTF?

      WTF dude

      Why so angry at Java? Think it sucks? Stick to your crappy C++ life then and keep your vitriol too...

    2. Gulfie
      FAIL

      Oho, Java sluggish?

      We're not with the times, are we? Java 1.4, released circa 2001/2 was the last of the sluggish VMs. Java 5 was good, java 6 is fantastic. At least make sure your vitriol is current...

  2. Renato
    Gates Horns

    Googletubes 3.0

    Now I see Google more in the likes of AOL/Compuserve and Microsoft: you have to use their "browser" to use their services and they keep pushing new ActivePlugins(TM) to improve your experience.

    Soon Google will send out free CDs containing Chrome.

    Later we'll just type "ELREG" on the address bar to access this news ActiveChannel. Oh wait, it isn't 1999!

    And dear Moderatrix, we need a "Evil Google" icon.

    Gates -- should be Schmidt, Page or Brin.

    1. Peter D'Hoye
      Thumb Down

      bull....

      ActiveX/Flash/Compuserve/... were/are closed systems, vendor lock-in. Google has the code open, so there can and will be ports to other browsers.

      They are just creating an open system, but I see you'd rather use closed systems just because they are more popular at the moment or come from your dear friends at MS/Adobe/...

      1. Gulfie
        FAIL

        "They are just creating an open system"

        ... that is capable of grabbing so much more information about you for storage in the Big Brother archive. Be scared. Be very scared. MS for operating systems only, Google for search only, Apple for iPod tech only... too much of any one is bad for your privacy.

    2. Big-nosed Pengie
      Linux

      Spot on!

      More crap aimed at putting everything in the hands of the application provider instead of the user. Google is the Microsoft of the second decade.

    3. Mike Flugennock

      re: Googletubes 3.0

      Renato writes:

      "Soon Google will send out free CDs containing Chrome."

      Ooooh, good-o! New coasters!

    4. NogginTheNog

      Pushing Chrome

      I've started seeing ads for Google Chrome by the side of the road. Not online ads, these are billboards, printed, on real-world advertising hoardings.

      This from the world's biggest online ad broker. From a company who's name has become almost synonymous with T'internet. A company EVERYONE has heard of.

      So now they feel the need to advertise their browser offline? Just what the fuck are they playing at...?!

  3. Anonymous Coward
    Linux

    forgot to ask

    i can has x64?

  4. Anonymous Coward
    Anonymous Coward

    NaCl => Sodium+Chlorine = Salt?

    If memory serves, isn't NaCl the chemical formula for Salt?

    Is that what they'll call the language/environment?

    JDM

    1. Pirate Dave Silver badge
      Pirate

      Salt

      if memory serves, SALT was the name of the scripting engine in the Telix communication program back in the DOS 90's.

  5. Jon Green
    Grenade

    Hobby horse, spotted

    Well, Cade, that's three articles from you knocking Google in less than 24 hours. Are we starting to spot signs of an obsession, or an agenda?

    1. Anonymous Coward
      FAIL

      Not really

      It is just that Cade has seen through the facade and spotted the evil empire. The chocolate factory might just be on a blockade at the moment, but in a few movies time they will be building death stars.

  6. Ken Hagan Gold badge

    Bytecodes again?

    What is wrong with these guys? The requirement is for a way of sending instructions down the wire to be executed at near-native speed on the client without the client having to trust the server.

    The JVM is a direct attempt to solve this problem, with verifiability and sand-boxability designed in from the start and no attempt to "optimise" (read: constrain) the ISA for a particular subset of applications. The technology is mature, proven, open, and is available on quite possibly more platforms than Google's own website. (Java sucks, but that's another matter.)

    Script, .NET, ActiveX, Flash and the others either duck the security issues or specialise for a subset of applications, or both. Embarrassingly, most of them post-date the JVM but ended up significantly less capable. It looks like Google are about to join the idiot brigade.

    Their reluctance to use the JVM demonstrates that they don't like one or more of these attributes. I wonder which it is? Probably not "mature" or "proven" or "available".

    1. Anonymous Coward
      FAIL

      Yeah, but it's still crap.

      With version compatibility issues and terrible performance, this is still Sun (or, worse, Oracle's) managed playground, not to mention crime against humanity.

      It's a pity really - great utopian concept, scuppered by poor execution.

      1. Gulfie
        Thumb Down

        Troll Alert

        Lets see the evidence, or it aint so!

    2. Gulfie

      Reluctance to use the JVM

      Well, if they don't use the JVM it is much harder for others to add value without reference to Google. After all, if you are forced to use a Google language, you are also restricted by its capabilities (or lack of). Give people Java and they'll be getting up to all sorts of mischief. Its about control, after all.

  7. MarcF

    NaCl

    Correct me if I'm wrong but isn't that abbreviation already taken by oh, I don't know...table salt?

  8. Cameron Colley
    Unhappy

    In other words...

    ... Google has realised the limitations of trying to do everything over the web and is trying to bypass this by getting people to download single-use instances of applications which require processing power which can't be had while running in an interpreter.

    Having taken a look at Chrome OS I saw nothing new, innovative, or interesting -- frankly my E71 running the now almost-retired Symbian is much more functional and "exciting".

    Unfortunately, I've a nasty feeling that Google's new version of WinCE in kiosk mode will take off and we'll have an even bigger push towards storing everyone's data in a multitude of databases scattered around the planet.

  9. Anonymous Coward
    Anonymous Coward

    Didn't MS try this?

    I'm pretty sure MS tried a similar thing, by having hooks into the OS\Browser that only they knew about and so could leverage better performance than their piers. I'm also sure this was found to be illegal on anti-competition grounds?

  10. amanfromMars 1 Silver badge
    Alien

    Virulent Guerrilla Opportunity Knocks and Crashes through Cracked Windows and Open Doors.

    NaCl ...... Virtual SALT Controls ...... with GoGoOgle Leading Nations and Natives SMARTly and Subliminally with SMARTer Acting Sublime Natives in Nations Providing InterNetional InterNetworking Security Stealth Protocolled Programs ........ for AIRecursive Virtual SOSOS .... Shining Open Source Operating System ...... Sparkling Chrome?

    Although you can be sure that there will be those who will recognise that as being a very Spooky Application in ProgramMING too. Indeed, in Larger IT Fields [and that may be a lot easier for Earthlings to Accept as Existing and Leading with Future Events, rather than them being either Further Easily Confused or Unduly Crazily Alarmed about All Powerful Underground Alien Chatter in HyperRadioProActive CodeXSSXXXX Channels] it may even be a Native Client Application making Beta Use of Google's Largesse and Running ITs BIGCHEESE Corporate Security Client Software ...... Virtual Phormware ........ for Stealthy Sublime Semantic Capture of Futures and Derivative Markets in ITs Vibrant IntelAIgent Business Enterprises.

    ""To help protect users from malware and to maintain portability, we have defined strict rules for valid modules," Google said when it first open sourced the project.

    "At a high level, these rules specify 1) that all modules meet a set of structural criteria that make it possible to reliably disassemble them into instructions, and 2) that modules may not contain certain instruction sequences. This framework aims to enable our runtime to detect and prevent potentially dangerous code from running and spreading."" ...... It would be helpful/informative and enlightening to know the criteria and the certain instruction sequences which are referred to here, or are they to remain undisclosed and unarticulated as proprietary trade secrets for traditional competitive business advantage, and thus only to be guessed at?

    "But Google is going to do what it's going to do. As he discussed the possibility of hardware acceleration on Chrome OS at that November press conference, Matthew Papakipos went so far as to say: "We do think Native Client is an important part of this story." Not that he was ready to go into detail. But surely, we can connect the dots." .... If Google is as Smart as it Needs to be to Lead from the Front with everyone Following ITs Native Clients' Visions on/in a Browser [and "in a Browser" is an important pedantic point to consider for Humanity to Make Full Use of the Future Virtualised for Real] then the dots will be Remotely Controlled to Draw for Painting whatever Picture Virtual Machinery Controllers would wish to Present as AIBeta Future Program.

    "Later we'll just type "ELREG" on the address bar to access this news ActiveChannel .....Googletubes 3.0" Renato Posted Thursday 24th December 2009 05:52 GMT

    Type it into any address bar nowadays, Renato, and you have the Future revealed to you, and One can InterReact with ITs Active FutureBuilders XSSXXXXChanging Qubits and Great Bytes of Code and Information for Intelligence to Map and Chronicle and Share CyberIntelAIgents Progress in AI and QuITe Alien Quantum Control and Communications Fields .... Live Operational Virtual Environments.

    Now all IT needs is for MS to get its Act together and do what it does Best and Launch AI Private Pirate Program with Cloned CodeXSSXXXX. Or is that something Larry "Oracle" Ellision will Sail with into the Fray? And don't misunderestimate an Opera in the Key of Apple which can Sing a Song in Tune with the Masses and move at Whopping Warping Light Speeds, unhindered by Anchors and Excess Baggage. ........ but one thing is certain, their Success or Failure to Capture the Future will always depend up the Intelligence of One Being ..... and that is invaribly the One who makes the Mergers and Acquisitions Decisions and writes the Checks and Balances and of course, the Cheques. :-) ..... when Money makes the World Go Round ..... although it all goes Catastrophically Pear Shaped whenever Intelligence is Missing and Avaricious Greed occupies Birds' Nests.

    1. Tom 106

      Nicely put.

      Obviously, the earthlings may not "get this" though.

      1. amanfromMars 1 Silver badge

        Smart Suffrage or Global Collapse ..... Fortunes Made or Ruined at the Click of Mighty Mice.

        "Obviously, the earthlings may not "get this" though." ..... Tom 106 Posted Friday 25th December 2009 18:34 GMT

        The Information is not Geared for them Currently/Presently, Tom 106, but rather more for They Who/That Which would/can Sublimely Control Them Effortlessly. Big CH Ease for the Binary Industrialist into Google Copernicus Hosting Environment and Experiment in Search Engineering.

        In NEUKlearer HyperRadioProActive IT, which with Quantum Control of Communications Delivers Transparency with a Big Bang Bus for Universal Singularity, is that for Native Clients a Strategic Alms Radical Transmission.

        In SMARTer Enabled and Enabling Field Offices of CyberIntelAIgent Security such is AI START rubbing SALTs into Dumb and Dangerous CyberWarfaring Games Rooms'Open Wounds/Solo Cracked and Military Intelligence Community Hacked Systems. And of course, there is a Healing Salve readily available, too.

        Welcome to All Playing the Great Game for Real, and Virtually in Control Remotely of ITs Shared Transparent Quests. And the Point of the Game is to Create an Altogether Better Beta Power System which One Donates to Others for the Exercise of Absolutely Fabulous Mutually Beneficial Control.

  11. uuf6429
    Grenade

    Bull SHIT

    - "New ActiveX": Also known as NPAPI? NPAPI is old and too complicated. But seriosuly this idea is nothing new.

    -"Run code natively": Wasn't this what browser have been aiming all along?

    How can you run Javascript natively? In short you can't. The only work around is VM / virtual machine and/or JIT/just-in-time compilation.

    New ideas? Hardly. JIT and VM are the tech used in Java and .NET.

    So what does it all come down to?

    Propriatary/custom (albeit over-hyped as "open-source") technology which few services may tap into.

    Google Chrome OS is NOT for the web. It is a separate product.

    Maybe call it Web 3.0 or something. But it doesn't and won't use the current technology.

    1. amanfromMars 1 Silver badge

      More Guano than Bull in a Shit Bear Market ..... to Replace Empty Rhetoric with Promised Change

      "Google Chrome OS is NOT for the web. It is a separate product." ..... Bull SHIT, uuf6429 Posted Thursday 24th December 2009 11:27 GMT

      uuf6429,

      It would not be wrong to say that it is a separate product for Strata in Cloud. A statement which a simple question of the appropriate Google hierarchy would/should/could confirm as any denial would be rather pointless whenever a Native Client would be actively using the Concept Beta as such, in ITs Programs.

  12. Anonymous Coward
    Badgers

    I Don't Get It...

    If their goal is "write once, run anywhere" then how is NaCl any different to platform-specific pre-compiled Java? (i.e., no JVM needed). And if their goal is "write many times but run fast" then how is that different from downloading and running a native app?

    Why do Google feel the need to further fragment the Web when writing native client apps would be easier and better? As my title states, I don't get it.

  13. Paul M 1

    Or in other words...

    ...Google knows the difference between "idealism" and "pragmatism".

    For example, here is the corrected version of a quote from the article:

    "After the release of Chrome Frame - which essentially put a [standards compliant] browser inside a [non-standards compliant] browser..."

    Cade, we all get it that you feel the need to put a negative spin on anything that Google does but whatever it is you need to just move on.

    Looking at the thumb-ups and downs there are sadly enough tinfoil hatters here to justify the drip-feeding of Google-is-evil stories but could you please at least separate them into a commentary section so the rest of us can just read the news?

    Much appreciated.

    1. Gorbachov
      Badgers

      not the point

      The problem with Google Frame is that it increases the level of complexity for the end user. The user is suddenly running Chrome but everybody who doesn't explicitly know that will assume they are running IE.

      That opens a whole can of worms as far as security is concerned.

      Not to mantion hat complexity is the enemy of secure design.

  14. alex dekker 1

    Lighten up

    Seeing a bogeyman around every corner must be a pretty depressing way to live your life. Do you perhaps suggest that Google instead not bother writing any plugins, and wait for browser makers to catch up?

  15. Anonymous Coward
    FAIL

    Search engine

    Hmmm all we need is a distributed peer to peer search engine type o' database jobbie and we can say good bye to google and their witchcraft pretending to be opensourcery.

  16. Charlie Clark Silver badge
    Thumb Up

    Good article

    Google will need something to compete with MS Office online's use of Silverlight and "native client" is the cleverly named plugin that will help them in this respect. Nice to hear developers come to word with their concerns.

    The market will go for the fastest solution. Security is still an afterthought in most of our minds and companies will be able to get away with promising improvements in the next version.

  17. Colin Millar
    FAIL

    In other news

    I have this round thing that rolls along and has real potential for transport applications - I'm so surprised that no-one thought of it before now.

  18. Cameron Colley

    @Those mentioning Sodium Chloride:

    You might want to go back and look at the article with the images enabled. ;~)

  19. The Indomitable Gall

    Native codecs...

    " With the next preview release of Opera 10.5, it will add support for native video codecs, mirroring what Mozilla has done with Firefox. "

    Praytell... will that mean adding in another set of codecs for each video type, or will it happily share the codecs that I installed for VLC?

  20. Christian Berger

    FOOF

    The system _may_ shield the native code from the OS, however it cannot shield it from the CPU. In an ideal world this shouldn't matter, however there have been many cases of security critical CPU bugs. The most famous one was the FOOF-bug where a certain sequence of instruction bytes could simply put the CPU to a halt.

    Now with multi-core CPUs and shared caches, it doesn't seem to be unlikely that there are whole new classes of bugs which might be exploitable.

    What is the problem of downloading, for example, forth code and then simply compiling it for your platform. Seriously in times the main problem is memory bandwidth, optimisation of code speed becomes less important.

  21. Neil Stansbury
    Thumb Down

    Mozilla already did this

    [...]Google is playing coy over the role of native code in its fledgling OS. But the company says its Native Client project - which executes native code inside today's Google Chrome web browser[...]

    It is such a shame Google didn't take the Firefox option instead of rolling their own, Mozilla solved this issue from day dot with XPCOM. This solves all these issues and is variously exposed to C++, JavaScript, Java & Python.

    https://developer.mozilla.org/en/xpcom

    Which then allows you to do stuff like this:

    http://www.redbacksystems.com/xulu/

  22. Anonymous Coward
    Anonymous Coward

    @uuf6429

    "How can you run Javascript natively? In short you can't. The only work around is VM / virtual machine and/or JIT/just-in-time compilation."

    You are plainly WRONG. Linux Security Modules are as much a sandbox as the JVM or the .Net VM. Every single OS call, including the call that increases process size, can be intercepted and checked for correctness. SE Linux, for instance, allows you to execute untrusted binary code safely, based on LSM.

    Native code can even be hand-coded Assembler and that is often 10 times faster than a similar piece of C code or 40 times faster than similar Java code. Especially if you use SIMD instructions such as SSE. There is a big need for natively executed, untrusted code.

    Regarding the instruction set issue, the pragmatic way is to just compile the C source code into every important CPU instruction set and have it available on the web server that hosts the applet. Some sort of automatic mechanism of selecting code for the respective platfrom can be trivially implemented. If there is any assembly code, hard work is needed, though. But that is the price you pay for highest performance, obviously.

  23. Joe Montana
    WTF?

    Arm? Mips? IA64? amd64?

    The problem with native client is that although google plan to support x86 and arm, what about other architectures? Will we be forever tied to x86 and arm? The chinese make a good line of cheap low power mips based processors...

    Also, even tho the platform may *support* 2 architectures, it will be up to individual developers to compile their code for both... How many sites using this will actually bother to support more than just x86?

    One of the best points of web based applications is that they free you from being tied to one platform, and while google's plans may free you from software lock-in, they will create a new form of hardware lock-in.

    As for performance of native code, i doubt it will be able to take advantage of special features present in modern cpus, for instance *some* arm processors have video decoding or encryption processing hardware but precompiled binaries will have to be lowest common denominator to support the widest range of target systems. A JIT compiler like java can theoretically take advantage of such features.

    Also, google have tied android to a java based system...

    Wouldn't it make more sense for google to work with the openjdk folks to improve java?

  24. This post has been deleted by its author

    1. Gulfie

      Eh?

      Sounds like a signed Java archive to me.

  25. Jason Terando
    Stop

    What is the web anymore?

    There was a time when the Web was about setting up a way of sharing content, via hyperlinked documents, that could be rendered somewhat consistently on any platform.

    It almost seems like the proliferation of webservices and increasing levels of functionality (complexity) being wedged into the browser are as much of a ploy to get around the network firewall security nazis as it is to usurp OS's and application platforms. In the old days, if I wanted a client server app to pass data over the Internet, I would establish a protocol, secure it with some sort of encryption, reserve a port and let my networking guys know that the port needed to be mapped to a server.

    Today, a request to open a new port is likely to be met by the security guys with more resistance than permission to have a night out with their women. But now, as long as I can figure out a way to render a half-usable UI using Javascript and DOM, I can move about all the data I want using XML or JSON, and it is met with far less scrutiny by the security folks. I'm not convinced that this is a good thing for data, security, or the efficiency of Internet. It would make no sense to implement things like SFTP or Usenet as webservices, but that's about what we are doing with almost all Internet applications these days.

    Getting back on point - if Google wants to make an application platform, they should start from a clean slate and quit encumbering the web. HTML5 has some elements of this (sockets, media rendering) but it's not enough, it's creaky, inelegant and has a lot of the traits of something that has been kludged by committee over time.

    Developers need a real, distributed application platform. Stateful connections (without cookie lameness), straightforward persistence, consistent and known media formats, data interchange without having to muck about using XML or JSON, scalable vector graphics, a consistent UI toolkit. All this sort of sounds like what Java could have been, but the execution was a failure. Google can make this happen. They can build runtimes for Windows, Mac and Linux. Better yet, Google could create its own OS to optimize the implementation (but it should be more than Chrome running as a shell on top of Linux). This could finally be the thin-client solution shops have been promised for time-immemorial.

    Going forward, keep the new releases well-versioned. Major new functionality (touch support, speech recognition, 3D, new media formats) should be major releases; minor functionality and bug fixes should be minor.

    The native code browser add-in approach described seems like the same bad idea of making a browser and the web do things they were not designed to do, with the historical precedence of Netscape plug-in's, ActiveX and Flash. Start over.

  26. Anonymous Coward
    Anonymous Coward

    Offline

    Nobody has mentioned HTML5 offline... combined with NaCl and offline cache/USB devices, you'll be able to edit video/photos offline, almost able to do anything you could with a normal PC.

  27. Tom 106
    FAIL

    but....

    What use is all this from Google, for those that like to work with their machines switched off from the net?

  28. Gary McCabe

    Billboards?

    Seen a lot of billboards here in the UK advertising the Chrome browser. Whats that all about? My theory is: Google plan to launch some features of the Chrome OS for other OS's, but will only make this available via the Chrome browser.

  29. Anonymous Coward
    Anonymous Coward

    @offline

    Hear hear, very little is ever mentioned about the fact the internet is not high speed EVERYWHERE.

    As much as one might like to use a web only OS with what amounts to activeX to use native code, there are still very large areas of the world without ANY BROADBAND.

    Here is a list of some areas that are lagging behind:-

    Spain (in a big way)

    All of the middle east share a 128 Kb connection (or so it feels like).

    Portugal in large areas

    UK in non-urban areas (less so now but still true for some)

    etc etc

    Evil google, not really, but they dont make me want it. Why waste all my laptop power on web only apps or get a netbook and be stuck with only online. Why cant i use a text editor to do some code on the train. Why cant i use offline video viewing tools, since i pay through the nose for bandwidth.

  30. Jay Castle
    Megaphone

    Please, please, please....

    .....can the hideous photographic link for this story be removed from the front page? I read this site when I'm eating my lunch, y'know?

    I don't need that pair of fuglies staring at me - it's making my feckin eyes water....

This topic is closed for new posts.

Other stories you might like