Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Demonstrates Chrome Native Client With Bastion

Soulskill posted more than 2 years ago | from the smashing-crates-in-the-browser dept.

Chrome 154

Multiple readers sent word that Bastion, an action RPG from indie developer Supergiant Games originally made for Xbox Live Arcade, has shown up in the Chrome Web Store. The purpose of the move is to showcase the browser's Native Client technology. From the article: "Ian Ellison-Taylor, Google's director of product management for the open Web platform, said that Native Client, also called NaCl, can currently improve browser performance by 1 to 10 times. 'What would it be like if we could run native code inside the browser,' he asked the crowd, and he enumerated two goals for the Native Client project. He said Google wants to bring native applications to the Web for performance and security reasons, and it wants to enrich the Web ecosystem by bringing popular, long-in-use programming languages to the Web."

cancel ×

154 comments

Sorry! There are no comments related to the filter you selected.

Indie = gay (-1)

Anonymous Coward | more than 2 years ago | (#38320268)

Indie = gay. This shit is gay.

Re:Indie = gay (0)

Anonymous Coward | more than 2 years ago | (#38320350)

no u

Wow, this is so innovative. (3, Insightful)

Anonymous Coward | more than 2 years ago | (#38320308)

This is so revolutionary. Now we can run native applications on our computers! Just imagine the possibilities! Oh, wait. We already can. And they aren't inhibited by some horrid browser-based sandbox.

If this was microsoft (0, Insightful)

Anonymous Coward | more than 2 years ago | (#38322260)

If this was microsoft this comment would have been marked +5 "insightful". google shills have really taken over.

Re:If this was microsoft (1)

Anonymous Coward | more than 2 years ago | (#38322654)

Ehm, microsoft did exactly this and called it 'ActiveX'. Unfortunately it had all kind of security flaws, and was restricted to one platform. Those were the main reasons it got burned down, not because of the name stamp per se.

Silverlight, although strictly speaking not native but close enough, was given all chances, but Redmond decided to screw it - i mean - stop the project themselves.

NaCl gets frowned upon a lot, too, but might be worth giving a chance as anything is better than flash. First see, only then burn, please.

Re:If this was microsoft (0)

Anonymous Coward | more than 2 years ago | (#38323570)

anything is better than flash. First see, only then burn, please.

So, you're waiting for shitty animated ads and intro pages using NaCl?

improving performance by 1 to 10 times (5, Funny)

roman_mir (125474) | more than 2 years ago | (#38320338)

can currently improve browser performance by 1 to 10 times

- this reminds me of the quote from the historical documents:

-Good Lord! That's over 5000 atmospheres of pressure!
-How many atmospheres can the ship withstand?
-Well, it was built for space travel, so anywhere between zero and one.

Re:improving performance by 1 to 10 times (4, Funny)

donscarletti (569232) | more than 2 years ago | (#38322014)

It's best to take all figures, especially those concerning NaCl with a grain of salt.

Re:improving performance by 1 to 10 times (0)

Anonymous Coward | more than 2 years ago | (#38322342)

NaCl with a grain of salt.

It took me a while to get that but it was worth it. Well done.

Re:improving performance by 1 to 10 times (1)

burni2 (1643061) | more than 2 years ago | (#38324132)

Yes, even an improvement by "1" time is great.

I got a promotion last week, all what I said to my boss was I will do the things in the same way I do them like in the past, nothing less, and well he said then I will promote you to nothing less than in the past and I will increase your sallary by a factor of 1.

bad idea (1, Funny)

locopuyo (1433631) | more than 2 years ago | (#38320370)

How would that be more secure? I can only think of things that make it less secure. It is also Satan's anus poised over web standardization.

Re:bad idea (4, Informative)

Qwavel (733416) | more than 2 years ago | (#38320684)

I'm guessing they mean that you are more secure now that you can run apps in your browser which you previously had to install into your OS. The privileges enjoyed by an NaCl browser app are really minimal compared to the same app installed with admin on Windows (which is how most users do it).

Regarding web standardization, note that NaCl is nothing like Flash or Silverlight: rather then replacing standard web technologies with proprietary technologies, it is primarily a way to optimize pieces of web technology. You take your bundle of HTML/CSS/Javascript and replace pieces of the javascript with native code. And you don't do it with some proprietary google language - you do it (eventually) with whatever language you want.

To me it seems like a reasonable way to move the web forward without subverting it (or even altering it much).

Re:bad idea (2)

AaronLS (1804210) | more than 2 years ago | (#38321222)

Since NaCl == Sodium Chloride == Salt, let's make this discussion more interesting by replacing all instances of "NaCl" with "salt".

"note that [salt] is nothing like Flash or Silverlight". The first consistently taste great, while the others vary in flavor from one OS to the next. I kid, I kid :)

Re:bad idea (0)

Billly Gates (198444) | more than 2 years ago | (#38321432)

I can replace nacl with IE 6 in your post and mention css box model as a way to optimize w3c standards too. Doesnt mean its ok because its not from Microsoft. Implementing something your own way is evil and proprietary. I did a search and read comments 9 years ago on slashdot and IE 6 was better and supported more standards but things were starting to get monopolized as a result. I seethis and Googles cloud ecosystem as no different than MS. I dont like it

Re:bad idea (3, Informative)

chrb (1083577) | more than 2 years ago | (#38321932)

Implementing something your own way is evil and proprietary.

Native client is open source [google.com] . So is chromium.

Re:bad idea (1)

BitZtream (692029) | more than 2 years ago | (#38322320)

You have a really fucked up definition of evil if 'doing your own thing' qualifies as evil.

Re:bad idea (3, Insightful)

kripkenstein (913150) | more than 2 years ago | (#38322230)

To me [NaCl] seems like a reasonable way to move the web forward without subverting it (or even altering it much).

There are a few big problems with that:

  • NaCl is not portable. NaCl apps only run on x86 and x86_64, not ARM or PowerPC or anything else.
  • NaCl is not a standard or even a proposed standard, and all other browser vendors are opposed to it (because of the previous issue, and because it is controlled by Google). As a consequence, NaCl apps only run on Chrome (and on x86 and x86_64).

The web is all about open standards, viewing the same web from any browser or any OS, and so forth. So NaCl, that only runs on two archs and on one browser, is a step backwards.

Re:bad idea (0)

Anonymous Coward | more than 2 years ago | (#38323018)

> The web is all about open standards

I want on your Web. The only True 'Open' on the Web everyone else uses is the Corporate Wallet...

Re:bad idea (0)

Anonymous Coward | more than 2 years ago | (#38324110)

I agree. That's what pNaCl (Portable Native Client) is for: it uses LLVM bytecode instead of x86 assembly, so the final compilation step is left up to the browser... but it's not ready yet. Google really shouldn't have ever declared x86 NaCl stable; it should only ever have been a step toward developing pNaCl.

1 -10 times (0)

Anonymous Coward | more than 2 years ago | (#38320380)

Improve performance ten-fold? I'll take that statement with a pinch of salt.

Re:1 -10 times (1)

roman_mir (125474) | more than 2 years ago | (#38320406)

May I suggest one to ten pinches?

Re:1 -10 times (0)

Anonymous Coward | more than 2 years ago | (#38320850)

Your pun shall not be left unnoticed. A sword through your stomach is all that I ask.

How do I turn this off? (3)

orn (34773) | more than 2 years ago | (#38320388)

Like I really want anyone and their uncle to be running native code on my machine. We went to a sandbox model for a reason! If this is active now, how do we shut it off?

Enough with the "sandboxing is perfect" bullshit. (-1)

Anonymous Coward | more than 2 years ago | (#38320482)

For crying out loud, what is it with you sandbox freaks? Why do you insist that sandboxes are the only solution to security problems? Why do you get so excited about a technique that's actually quite ancient?

Fuck, I first remember using sandboxing back in the 1970s on some IBM mainframes, and it probably wasn't even a new technique then. All through the 1980s, 1990s and 2000s it became a pretty common feature of most UNIX systems. Hell, even Linux and *BSD have excellent sandboxing support, and have had it for a long time. That's not even considering Java, .NET, and the other existing and well-established platforms that are sandboxed! These days we've also got Xen, VMware and many other systems we can run on PCs.

Look, sandboxing is one security technique among many. If getting rid of sandboxing causes you that much of a problem, THEN YOU'RE DOING SECURITY REALLY FUCKING WRONG!

Re:Enough with the "sandboxing is perfect" bullshi (1)

grumbel (592662) | more than 2 years ago | (#38320548)

Why do you insist that sandboxes are the only solution to security problems?

So how exactly do you propose to run native code securely without some kind of sandbox?

Re:Enough with the "sandboxing is perfect" bullshi (0)

Anonymous Coward | more than 2 years ago | (#38321142)

You're only able to use a set of formally verified "safe" instructions. I'm no expert on this, so look here [matasano.com] for more detail on the way it works, from people trying to break it.

Re:Enough with the "sandboxing is perfect" bullshi (0)

Anonymous Coward | more than 2 years ago | (#38321214)

That is in itself a form of sandboxing no?

Re:Enough with the "sandboxing is perfect" bullshi (1)

tepples (727027) | more than 2 years ago | (#38320564)

Why do you get so excited about a technique that's actually quite ancient?

Because we're making fun of mainstream PC operating system developers who can't figure out application sandboxing by themselves.

Re:Enough with the "sandboxing is perfect" bullshi (3, Funny)

Anonymous Coward | more than 2 years ago | (#38320628)

For crying out loud, what is it with you wheel freaks? Why do you insist that wheels are the only solution to transportation problems? Why do you get so excited about a technique that's actually quite ancient?

Fuck, I first remember using wheels back in the 1970s on some Ford pintos, and it probably wasn't even a new technique then. All through the 1980s, 1990s and 2000s it became a pretty common feature of most land yachts. Hell, even Chrysler and GM have excellent wheel rotating support, and have had it for a long time. That's not even considering Hyundai, Kia, and the other existing and well-established platforms that have wheels! These days we've also got Saab, BMW and many other systems we can run on roads.

Look, wheel rotation is one transportation technique among many. If getting rid of wheels causes you that much of a problem, THEN YOU'RE DOING TRANSPORTATION REALLY FUCKING WRONG!

FTFY

Re:Enough with the "sandboxing is perfect" bullshi (1)

Anonymous Coward | more than 2 years ago | (#38320888)

Your Shitty Car Analogy is quite shitty, even for a Shitty Car Analogy. In fact, you actually proved the GP's point in your perverse attempt to ridicule it.

You're totally missing the fact that wheels are basically the only thing that'll allow most cars today to move. You take the wheels off, and your car isn't going anywhere. That's exactly the problem that the GP is describing with these sandboxing afficionados. They think of sandboxing as their only option, and thus it's the only option they employ. You take it away, and they're shit out of luck.

Sensible people, on the other hand, see sandboxing as just one more tool in the toolbox. It's not the only approach they use to ensure the security of their systems, so taking it away causes little to no harm. They have employed multiple other techniques to help ensure the security and the safety of their systems.

Re:Enough with the "sandboxing is perfect" bullshi (0)

Anonymous Coward | more than 2 years ago | (#38322530)

Sandboxes aren't the only solution, and only a fool employs only one layer of security alone, trusting that the sandbox in and of itself will stop any possible attack. In the same way, however, sandboxing is a great tool that does block of lot of more obvious problems, and throwing it away unnecessarily would be just as foolish. The article is about a native client that doesn't use sandboxing; they've removed a layer of defense and reduced the number of techniques being used to ensure the security and safety of their systems. The tradeoff is for speed on some calculations, particularly video rendering: games. Sacrificing a layer of security for games. That might be okay for home users who want to play the latest in-browser version of Zeus-Kelihos' Fantabulous Iranian FarmVille 3D: Sino-Russian Winter Edition on their own machines, but it's got to rub corporate IT the wrong way.

Re:Enough with the "sandboxing is perfect" bullshi (1)

grumbel (592662) | more than 2 years ago | (#38324306)

Sensible people, on the other hand, see sandboxing as just one more tool in the toolbox.

So please enlighten us. How do you run untrusted code on your machine without some kind of sandbox?

Re:Enough with the "sandboxing is perfect" bullshi (0)

Anonymous Coward | more than 2 years ago | (#38320654)

For someone who 'remembers' the 1970s you are really clued out about security basics.

Re:How do I turn this off? (0)

Anonymous Coward | more than 2 years ago | (#38320614)

I wouldn't be worried about running NaCl code on my machine. NaCl checks the code for violations of API restrictions. See this little description: https://developers.google.com/native-client/overview#how-nacl-works

Re:How do I turn this off? (2, Informative)

Anonymous Coward | more than 2 years ago | (#38320792)

You should read up on how NaCl works. It is in a sandbox. One based on software fault isolationi.

Re:How do I turn this off? (5, Funny)

TheGratefulNet (143330) | more than 2 years ago | (#38320902)

yeah, right; I'm going to trust italian software!?

Re:How do I turn this off? (1)

swillden (191260) | more than 2 years ago | (#38321098)

Like I really want anyone and their uncle to be running native code on my machine. We went to a sandbox model for a reason! If this is active now, how do we shut it off?

It's not active by default, yet, and it is sandboxed. Native sandboxing is possible.

It's SLLOOOOWWWW (2)

Mr. McGibby (41471) | more than 2 years ago | (#38320402)

I tried Bastion this morning on my arguable beefy 8-core 8 GB machine. SLOW AS SNOT. So either it's slow or I need to change some configuration setting. Maybe I'm missing something, but wasn't doing this crap in the browser supposed to make it "just work" (tm)?

Re:It's SLLOOOOWWWW (1)

0123456 (636235) | more than 2 years ago | (#38320484)

Maybe I'm missing something, but wasn't doing this crap in the browser supposed to make it "just work" (tm)?

They said it would 'just work' (so long as you're using a supported browser), they didn't say it would be usable.

Re:It's SLLOOOOWWWW (1)

SadButTrue (848439) | more than 2 years ago | (#38320610)

Not sure what issue you had but I just gave it a go and it was quite smooth. The game it's self isn't my cup of tea but it ran just fine. Narration was funny, if I could have use my controller I prob would have played at least to the end of the demo..

Re:It's SLLOOOOWWWW (1)

errandum (2014454) | more than 2 years ago | (#38320956)

It just worked for me, and I'm running a Core 2 Duo 3 year old processor with a medium range graphics card. I'm running Chrome 15

Re:It's SLLOOOOWWWW (1)

Ambvai (1106941) | more than 2 years ago | (#38323686)

Low end i5, 4gb with onboard video. The first stage was about as smooth as the downloaded version with the exception of a periodic tiny skip about every two seconds. Chrome 15.0.874.121 m.

Re:It's SLLOOOOWWWW (3, Insightful)

VortexCortex (1117377) | more than 2 years ago | (#38324028)

Single core code... You bought more cores thinking coders (especially poor indie ones) were going to support all of them at once?
My 7 year old 3ghz single core machine, w/ 3GB RAM and a crappy $50 Nvidia GeForec FX 5200 runs this fantastically.

As a coder myself I take great pains to ensure my software can take advantage of as many cores as you throw at it, but in reality, most programs do not. What's the individual cycle speed of one of your cores? Less than my 6 year old laptop? Yeah, don't expect low quality software to run well on your high quality rig.

I wish Erlang wasn't crap when it comes to games -- it was a step in the right direction.

NaCl! (0)

Anonymous Coward | more than 2 years ago | (#38320424)

Personally, I am most entertained that the web client is called sodium chloride.

Re:NaCl! (1)

cmv1087 (2426970) | more than 2 years ago | (#38320908)

Yes, I'm curious if there'll be a complementary technology named Pepper.

Pepper (2)

DragonWriter (970822) | more than 2 years ago | (#38321150)

Yes, I'm curious if there'll be a complementary technology named Pepper.

Pepper is the plug-in API that NaCl modules use to communicate with browser-managed resource, JS, etc.

Re:Pepper (1)

cmv1087 (2426970) | more than 2 years ago | (#38322218)

Oh wow, you're right. Silly me, not reading the article.

Re:NaCl! (1)

AaronLS (1804210) | more than 2 years ago | (#38321276)

If I utilize both technologies, will my browser rap for me?

Re:NaCl! (0)

Anonymous Coward | more than 2 years ago | (#38321356)

no, but it might rape you.

Re:NaCl! (0)

Anonymous Coward | more than 2 years ago | (#38321706)

No, but you're friends will start calling you Spinderella.

Reminds me of IE 6 (3, Insightful)

Billly Gates (198444) | more than 2 years ago | (#38320430)

I am a little uneasy of making a web browser a proprietary platform. PcMag had an article about Chrome being the next IE 6 of the browser wars 2.0 [pcmag.com] .

IE 6 was a great browser in 2001 regardless of its security shortcomings found years later. Everyone on slashdot back then admitted to using it but were scared and assumed the WWW would die soon because of it. Everyone seems to be oblivious that Google is another evil big corporation no different than Microsoft. Actually synergy is behind Google now, like it was with MS a decade ago.

Dart is chrome only, the javascript libraries are Chrome only or particulary run much better on Chrome (google ones like V8), this and many other proprietary HTML 5 code like that site with the band a few months ago that only work in Chrome. This game will use HTML 5 but has other proprietary hooks to make sure it wont run in any browser.

Google is making it clear they look at the browser as an operating system. At least Microsoft today is running away from ActiveX and trying to do good with IE 10 which will be the most open and standards compliant browser to date. Firefox is dying and is losing popularity. In a year or two from now it will be a IE vs Chrome world.

Anyone else bugged or am I just paranoid? I just want a great browser and not a simple fast one, but with the real goodies underneath it that are dependent on Chrome.

Firefox could easily avoid dying. (0, Insightful)

Anonymous Coward | more than 2 years ago | (#38320622)

I agree completely that Firefox is currently on its way out. Mozilla has made one fucking mistake after another with Firefox lately, and it is indeed killing it faster than I had even originally anticipated. But Firefox doesn't have to die. Mozilla could quickly reverse the flood of users away from it very simply.

Here's what they need to do:

1) Give the "designers" the boot. Applications "designed" by failed web "designers" are fucking unusable, like recent Firefox releases have been. These people are fucking clueless.

2) Undo every stupid decision made starting with Firefox 4. That means put the menus back, put the status bar back, put the protocol back in the URL bar, and quit trying to put so many fucking rounded corners and fucking gradients all over the place.

3) Fix the fucking performance problems and memory leaks. We've told them about these problems for years now. They're damn easy to reproduce. All you need to do is download Firefox, install it, and use it for 10 minutes. The poor performance will be obvious, and the memory usage will be shitty. Since it's so easy to reproduce these problems, Mozilla should have no problem fixing them.

4) Stop the stupid release schedule. Release a few times a year, and make sure these releases are solid. And for crying out loud, stop breaking add-ons with each release!

Through those simple steps, Mozilla will be able to save Firefox. If they don't to this, however, Firefox will indeed be a mere footnote in the history of web browsers.

Re:Firefox could easily avoid dying. (0)

Anonymous Coward | more than 2 years ago | (#38321656)

I run it on a 1.8G pentium 4 with a gig of ram. I'm using both aurora and firefox 8. Current uptime is 3 days, with multiple windows and multiple tabs open. The only time I ever see it consume 500 megs is if I leave some youtube videos in the background for a few hours...

So, yeah. That thing you bitch about is fixed now. You're welcome to try out Firefox anytime.

Personally, I will never touch Chrome because it doesn't fully support blocking ads and never will. On this old machine Chrome doesn't run any better than Firefox anyway. Without having 8 gigs of ram and quad cores to throw around, I can make Chrome crash too. But I'd never be stupid enough to blame the crash on Chrome and its "memory leak problem".

Re:Firefox could easily avoid dying. (0)

Anonymous Coward | more than 2 years ago | (#38321742)

P4 1.8 processor is now a quad core? Holy fuck, Intel's marketing dept. must be smoking something.

Re:Firefox could easily avoid dying. (0)

Anonymous Coward | more than 2 years ago | (#38322350)

Huh? I was saying that it's harder to make stuff crash on newer machines. You're really reaching for this troll.

Re:Firefox could easily avoid dying. (1)

I(rispee_I(reme (310391) | more than 2 years ago | (#38321760)

In the meantime, use Firefox 3.6 [mozilla.org] .

I was surprised to find that it still gets updates (3.6.x) and all the newest versions of my extensions still work with it. Your mileage may vary.

Maybe if netcraft reports that enough users are refusing to run their painted whore of a browser, the Firefox devs will see the light.

Re:Firefox could easily avoid dying. (1)

Luckyo (1726890) | more than 2 years ago | (#38322078)

The reason it's still getting updates is because someone in mozilla still has enough sanity to understand that 4+ are failures that will never be adopted by corporate world, and that users want to have same browser at work and at home.

I would expect that 3.6 will continue to get upgrades for a very long time, or at least until they stop the insane release schedule they have now and default back to old one. Which will probably happen once they have enough head start on chrome to last them a year or so.

Re:Reminds me of IE 6 (3, Interesting)

Qwavel (733416) | more than 2 years ago | (#38320868)

I agree that Google is just another big evil corp and should be watched closely - I'm a fan of much of what they have done, but I still try to remain critical.

But this is nothing like what MS tried to do to the web. I'll repeat some of what I posted above: with NaCl, Dart, WebM, and SPDY, Google is not replacing web technologies with proprietary technologies - they are optimizing pieces of web technologies.

Even when you use these technologies you are still writing a standard web app and it still runs on all browsers - just without the Chrome optimizations. For NaCl for example, the primary use case (according to Google) is that you take your bundle of HTML/CSS/Javascript and replace pieces of the javascript with native code. When deployed to other browsers your app uses the original javascript instead of the optimized NaCl alternative.

More importantly, these technologies are all open source and restriction and royalty free. So, for example, Amazon is now using Google's SPDY technology in their browser without any royalties or advantage to Google.

To me these seem like reasonable ways to move the web forward without subverting it.

So, if you want to be pissed at Google then note that a couple of weeks ago they cancelled their project to make Green technologies competitive with coal. That didn't get nearly enough press. But when it comes to the web they (for now) still appear to be behaving themselves.

Re:Reminds me of IE 6 (1)

cmburns69 (169686) | more than 2 years ago | (#38321210)

Even when you use these technologies you are still writing a standard web app and it still runs on all browsers - just without the Chrome optimizations. For NaCl for example, the primary use case (according to Google) is that you take your bundle of HTML/CSS/Javascript and replace pieces of the javascript with native code. When deployed to other browsers your app uses the original javascript instead of the optimized NaCl alternative.

So I have to write my stuff twice? I barely have enough time to write what's needed once!

No thanks, I'd rather continue to write once and run everywhere-- That's what javascript + existing cross platform libraries provide.

I'll start using these, though, If any of these solutions (thanks to their open specifications) get picked up by a majority of browsers.

Re:Reminds me of IE 6 (1)

10101001 10101001 (732688) | more than 2 years ago | (#38321686)

So I have to write my stuff twice? I barely have enough time to write what's needed once!

Or three or four times. ARM needs the boost more than x86, anyways, but honestly given that Javascript still doesn't seem suited for more than twirling fobs, I'm not sure what the real point is. I mean, if the performance does become high enough that it's feasible to push games into the browser, I can only see that as a combination of annoying users--just like flash does--while offering an inferior experience to a stand-alone client--since it's enough of a hassle worrying if the game itself will crash without also having to worry about the browser crashing as well. Of course, perhaps I'd feel a bit differently if web browsers didn't still crash, hang, become generally unresponsive, and/or have regularly security concerns. But, then, OS kernels have all those problems as well, even Linux, so I'm not exactly getting my hopes up. It's just that adding another layer doesn't seem to improve things.

Re:Reminds me of IE 6 (1)

kangsterizer (1698322) | more than 2 years ago | (#38321414)

SPDY and WebM are not the same as Dart and NaCl.
WebM is just plain good, no doubt.
SPDY gave them an advantage since they had it first and others were shy to make such a hack (because it is a hack), however, its getting adopted since SCTP would be a pain.

Dart and NaCl received a strong push back from half or more of the community so I don't need to bore you with details you have already read.

So they enforce it - and they can, due to Chrome's grow rate and their hand over a lot of things. They buy out companies to develop for it. Microsoft style.

Re:Reminds me of IE 6 (1)

Anonymous Coward | more than 2 years ago | (#38323940)

For NaCl for example, the primary use case (according to Google) is that you take your bundle of HTML/CSS/Javascript and replace pieces of the javascript with native code. When deployed to other browsers your app uses the original javascript instead of the optimized NaCl alternative.

So does that mean there's a version of Bastion written in javascript that runs everywhere, and a native version that works better in chrome?

Re:Reminds me of IE 6 (3, Insightful)

DragonWriter (970822) | more than 2 years ago | (#38320964)

I am a little uneasy of making a web browser a proprietary platform.

There's two different uses of "proprietary" that are common, one is in contrast to FOSS (which Native Client is), and one is in contrast to "standard" (with regard to which, per the Native Client FAQ, Google thinks Native Client is too immature to consider trying to standardize at this time.)

Lots of technology gets integrated into browsers to be proven before being submitted for standardization.

Dart is chrome only

No, its not. The VM isn't integrated into Chrome yet, the only way to run it in a browser is compiling to JS that runs on any modern browser, so its not even runs-better-on-Chrome, much less Chrome-only.

Its possible that the when the VM is integrated in Chrome it will be runs-better-on-Chrome.

the javascript libraries are Chrome only or particulary run much better on Chrome (google ones like V8)

V8 isn't a javascript library, its the JavaScript engine that Chrome uses, parallel to SpiderMonkey or whatever the engine is that Firefox uses now.

[...] proprietary HTML 5 code [...]

You are misusing either "proprietary" or "HTML 5" here.

Re:Reminds me of IE 6 (0)

BZ (40346) | more than 2 years ago | (#38323560)

> V8 isn't a javascript library,

You misunderstood.

Google's JavaScript libraries are purposefully written to run faster on V8 specifically, often at the expense of performance in other browsers. And at the same time, V8 is written to run the code patterns those libraries use faster, often at the expense of other code patterns used elsewhere.

The net result is that Google properties work better in Chrome and at the same time Chrome works better on Google properties.

Re:Reminds me of IE 6 (1)

FrangoAssado (561740) | more than 2 years ago | (#38323938)

Google's JavaScript libraries are purposefully written to run faster on V8 specifically, often at the expense of performance in other browsers. And at the same time, V8 is written to run the code patterns those libraries use faster, often at the expense of other code patterns used elsewhere.

That might be a problem if V8 [google.com] wasn't open source, or if Google was preventing anyone from seeing how it works. As it stands, your argument makes about as much sense as saying that Linux and GCC were evil because earlier versions of Linux couldn't be compiled on anything but GCC. The thing is, nothing prevented anyone from changing Linux to compile in other compilers, or studying GCC to learn how to make other compilers compile Linux (and, indeed, today it's possible to compile Linux with other compilers).

So, if Google's libraries do indeed run that much faster in V8, what's preventing anyone from implementing these optimizations in other javascript engines, or writing their libraries to run fast on V8? Is it reasonable to prevent Google from optimizing anything just because other browsers and libraries would then be slower?

Re:Reminds me of IE 6 (1)

BZ (40346) | more than 2 years ago | (#38324008)

> what's preventing anyone from implementing these
> optimizations in other javascript engines

They make other (non-Google) sites run slower?

> Is it reasonable to prevent Google from optimizing
> anything just because other browsers and libraries
> would then be slower?

I didn't say anything about preventing Google from doing whatever they want. I'm not sure where you got that.

I'm also not sure where you got your "evil" bit from. I made a factual statement, with no value judgments attached to it.

Re:Reminds me of IE 6 (0)

kangsterizer (1698322) | more than 2 years ago | (#38321366)

No, you're entirely right.

I'd point out that Firefox isn't dying. It's actively developed and fully open (top to bottom), faster than many in some areas (slower in some others - so far).
Plus, it stills gains more users every day - its just that the others, well, THE other (Chrome) is gaining *even more* users per day.

The heavy advertising, bundling as opt-in and so on is probably working out. And that, and the Google integration you describe certainly reflect the issue.

Google finally will be able to control the web search, content, *your* content too,your apps, your endpoints, almost everything. They just failed to kickstart their ISP, but eventually, they'll succeed. And to kickstart ChromeOS, but there's Android, and eventually, they'll succeed too.

Scary? yes, damn scary. And in 5 years from now, there's no stopping them. The devs at Google will eventually realize that, and some probably did, but hey, wont spit on the high pay :)

The only way I know, is communicate, make people aware of the issue, and start using stuff that support *true* standards. Heck even IE10 is rather good, and Opera ain't bad either. Firefox too.

Re:Reminds me of IE 6 (0)

Anonymous Coward | more than 2 years ago | (#38323700)

Yea, if only Chrome were based on some sort of open source browser like this: http://www.chromium.org/Home

Good question (2, Insightful)

0123456 (636235) | more than 2 years ago | (#38320466)

What would it be like if we could run native code inside the browser?

The massive swamp of security vulnerabilities that was ActiveX?

Re:Good question (1)

BitZtream (692029) | more than 2 years ago | (#38322416)

Ironic, every modern browser supports something like ActiveX.

I love when ignorant people such as yourself talk about shit you don't understand at all.

ActiveX is nothing more than a plugin system. It just happens to be system wide in Windows, and IE takes advantage of that ... IE6 and its ancestors had a lot of issues because OTHER developers marked ActiveX controls as SAFE FOR INTERNET USE and SAFE FOR SCRIPTING ON THE INTERNET when they were not and had no reason at all to be used.

The IE implementation errors didn't help as it made it far to easy for ActiveX controls to be installed without approval

In the end however, Firefox XPCOM objects not written in Javascript (so all the ones that do real work) are no different than ActiveX controls.

The difference is that other browser vendors got to watch someone else be the big most popular browser getting abused to all hell and back.

Re:Good question (2)

VortexCortex (1117377) | more than 2 years ago | (#38324066)

I think you're missing something important. Every bit of JavaScript you run on modern browsers is compiled into machine code in memory, marked as executable, then executed -- right on the metal.

This is why mistakes in the compiler and/or buffer overflows in JS supporting code can so easily cause remote code execution. All the "sandboxing" NaCl provides is the same as what JS provides -- NONE! Do you actually think that there are Zero buffer overflow vulnerabilities in any of your favorite softwares?

The only way to sand box this stuff is to have a secure Hardware supported VM, or use an interpreted language. We traded speed for security with WEB BROWSERS!?!? Yeah, the whole web is held together with duct-tape bubble gum and twine. I'm out. The native vetted application market is the way to go, except they all made the same SNAFUBAR, compiling bytecode to machine code and calling that a sandbox.

Increasing performance 1 times! (1)

karmicoder (2205760) | more than 2 years ago | (#38320476)

Hey... I have some great proprietary technology that can increase the performance of any program by at least 1 times. Please send $1 to Happy Dude, at 742 Evergreen Terrace...

Re:Increasing performance 1 times! (0)

Anonymous Coward | more than 2 years ago | (#38320568)

That's nothing - my tech will increase performance by a factor of 0 (it saves lots of power too)!

Re:Increasing performance 1 times! (0)

Anonymous Coward | more than 2 years ago | (#38321106)

You should market that to my CEO. His reply would probably look like :

"A dollar for a 1x speedup? I just mailed you 100 dollars. How quickly do you think you can send me a program to improve my performance by 100 times?"

Re:Increasing performance 1 times! (1)

AaronLS (1804210) | more than 2 years ago | (#38321456)

Thanks for the payment. Attached is the program that improves your performance by 1x a hundred times. 1*1*1*1....

Re:Increasing performance 1 times! (1)

DragonWriter (970822) | more than 2 years ago | (#38321176)

Hey... I have some great proprietary technology that can increase the performance of any program by at least 1 times.

You do realize that improving by 1 time is doubling, right?

Active X? (2)

The Raven (30575) | more than 2 years ago | (#38320486)

Can someone describe the differences between NaCl (Salt?) and ActiveX? They both seem to be methods to run native code inside a browser sandbox. What are the ways Google's offering is superior? Is it better at all than the current implementation of ActiveX? I like Google, but this particular initiative seems kind of backwards thinking.

A type-safe subset of x86 instructions (3, Informative)

tepples (727027) | more than 2 years ago | (#38320584)

NaCl defines a subset of x86 instructions that are verifiably type-safe, just as .NET IL and JVM bytecode are verifiably type-safe. The browser verifies the binary before executing it.

Re:A type-safe subset of x86 instructions (5, Informative)

shutdown -p now (807394) | more than 2 years ago | (#38321238)

It's not type-safe (there are no types as such on assembly level, it's all just bytes and words), it's memory-safe.

More importantly, the subset of instructions available in NaCl allows one to do lower-level stuff than verifiable CIL instructions (JVM is always memory-safe). For example, NaCl permits pointer arithmetic.

Re:A type-safe subset of x86 instructions (2)

Cajun Hell (725246) | more than 2 years ago | (#38323250)

People are going to be in for such a surprise, when the all-male population of dinosaurs start laying eggs. Life finds a way.

Re:Active X? (1)

should_be_linear (779431) | more than 2 years ago | (#38320670)

ActiveX, once you (or BFU) enabled it, can do anything user account is allowed to do. NaCl program is sandboxed, so even when you allowed it to run, it cannot do anything harmful.

Re:Active X? (2)

0123456 (636235) | more than 2 years ago | (#38320784)

NaCl program is sandboxed, so even when you allowed it to run, it cannot do anything harmful.

I remember people saying that about Java.

Re:Active X? (0)

swillden (191260) | more than 2 years ago | (#38321060)

NaCl program is sandboxed, so even when you allowed it to run, it cannot do anything harmful.

I remember people saying that about Java.

And it's true. Early on there were some JVM bugs that allowed malicious apps to break out of the sandbox, but those have been fixed, and sandboxed Java code is sandboxed very effectively.

Some "current info." 4U to read then (0)

Anonymous Coward | more than 2 years ago | (#38321752)

Java tops for hackers, warns Microsoft:

http://www.theregister.co.uk/2011/12/02/microsoft_java_vulnerabilities/ [theregister.co.uk]

&

Java Apps Have the Most Flaws, Cobol the Least:

http://developers.slashdot.org/story/11/12/09/1533252/java-apps-have-the-most-flaws-cobol-the-least [slashdot.org]

---

* Some "Food 4 Thought" in regards to your statement requoted here next:

"Early on there were some JVM bugs that allowed malicious apps to break out of the sandbox, but those have been fixed, and sandboxed Java code is sandboxed very effectively." - by swillden (191260) on Friday December 09, @07:00PM (#38321060) Homepage

Then how come the above's happening & EXTREMELY recently?

APK

P.S.=> I program in JAVA myself, but realize it's fallen short of its initial promises on safety/security...

... apk

Re:Some "current info." 4U to read then (1)

PwnzerDragoon (2014464) | more than 2 years ago | (#38322856)

You realize the JVM and a Java application are not the same thing, right? And I'm not saying the Register article is wrong, but I would take with a grain of salt anything Microsoft has to say about Java.

Re:Some "current info." 4U to read then (0)

Anonymous Coward | more than 2 years ago | (#38323110)

FYI, Java isn't an acronym. Don't capitalize it like one.

Re:Active X? (1)

Gaygirlie (1657131) | more than 2 years ago | (#38321122)

it cannot do anything harmful.

Or atleast that's the claim.

Re:Active X? (1)

DragonWriter (970822) | more than 2 years ago | (#38321048)

Can someone describe the differences between NaCl (Salt?) and ActiveX?

Native Client (NaCl) is a sandboxed environment that verifies and then executes a safe subset of x86 code. It is an open source technology integrated into Chrome that works pretty much everywhere Chrome does, and is a bridge to the real goal, which is Portable Native Client, which does similar things but uses LLVM bit code and client-side compilation so it isn't dependent on actually running on an x86 machine (opening it up to ARM-based devices, particularly.)

What are the ways Google's offering is superior?

Its not proprietary (in the non-open sense), it doesn't rely on the client running Windows.

Re:Active X? (1)

PwnzerDragoon (2014464) | more than 2 years ago | (#38322876)

(opening it up to ARM-based devices, particularly.)

Actually, NaCl already works on ARM. Though PNaCl will make it easier to develop for, as you won't need to maintain different builds for each platform.

Or You Could... You Know... (2)

Greyfox (87712) | more than 2 years ago | (#38320636)

Run native code WITHOUT the browser. Revolutionary idea, I know. You could pass on all the frameworks required to shoe-horn procedural programming onto a stateless protocol, give HTML and XML markup a miss, not write any javascript, and... just... write an application. And maybe it won't need 34MB to run in, and maybe it'll actually be instantly responsive. Maybe... just maybe... that's what you really need to do.

Re:Or You Could... You Know... (0)

Anonymous Coward | more than 2 years ago | (#38320912)

Heh... I've been thinking the same thing. Only problem is...it doesn't fit in with their aspirations of global domination...

Re:Or You Could... You Know... (1)

ceoyoyo (59147) | more than 2 years ago | (#38321764)

Heavens. You could use some other port than 80 and a protocol other than HTTP for communication too.

Re:Or You Could... You Know... (1)

mrnobo1024 (464702) | more than 2 years ago | (#38321984)

And if you don't want that application to put your security at risk via the arbitrary code execution exploit du jour, all you have to do is run that application in a separate limited user account. And make sure all your important files' ACLs prohibit access from that account. And don't use runas, use an actual separate login session, because of window shatter attacks. It's so easy, I bet everyone runs their applications this way. I'm sure you do. ...Right?

Re:Or You Could... You Know... (2)

goruka (1721094) | more than 2 years ago | (#38321992)

And lose the ease of deployment that web based apps have and the multiplatform goodness of Native Client? No thanks.

I guess you could call it... (1)

pipeep (2106308) | more than 2 years ago | (#38321364)

... rubbing salt in Adobe's wound.

A plugin to rule them all! (5, Interesting)

goruka (1721094) | more than 2 years ago | (#38321630)

Native Client is like a plugin that makes all other plugins obsolete.

-It can do everything you can do with Flash, Unity, Silverlight, etc.
-You can use any language to develop for it, C, C++, ObjC, Python, C#, you name it.
-Can access everything JS can (using the Pepper plugin API).
-It's from a trusted vendor (Google), so most people will not be afraid to install it.
-Will come pre-installed in the soon to be most popular web browser.
-It's open source
-It's much more secure than existing plugins due to sandboxing.

And, yes, I can understand HTML5 purists, but the truth is that:

1) Not everything can be made into a web application using HTML5+JS.
2) There's way too much code and applications written in other languages..
3) Cross-Platform web deployment is very attractive. Compile for x86 and ARM and 99.999% of the devices on the planet can be supported.

So, disable it if you don't want it, but this is a very attractive idea with a lot of potential for us developers, and even Adobe is trying somehting similar with Alchemy [adobe.com] on Flash. It's a much more realistic way to bring actual real applications to the web than the dream that HTML5+JavaScript is.

Re:A plugin to rule them all..you for got the rest (1)

bussdriver (620565) | more than 2 years ago | (#38323466)

One plugin to rule them all, one plugin to find them,
One plugin to bring them all and in the "sandbox" hack them.

Re:A plugin to rule them all! (0)

Anonymous Coward | more than 2 years ago | (#38323772)

Is this supposed to be sarcasm?
OK... the "trusted vendor" one was the funniest followed by the "most popular web browser" and the always funny "sandboxing".

It is surprising no one thinks of bytecode. (1)

master_p (608214) | more than 2 years ago | (#38324210)

It is quite surprising that, up until now, no one has thought of using a bytecode solution, that guarrantees portability and performance.

We have gone from the one extreme, i.e. an interpreted dynamic language, to the other extreme, i.e. native code. There is a sweet spot in between, that of bytecode, that offers portability and good performance on par with native code, and also better security than native code.

Broken on XP for me (1)

Cato (8296) | more than 2 years ago | (#38324314)

Unfortunately I get the message "requires an OpenGL card" on Windows XP SP3 with an NVidia GTX260, which definitely has working OpenGL. I've seen reports of this problem on MacOS too.

Hope Supergiant Games can fix this - since this is a web-delivered application, I'd hope they can grab hardware/OS details, with user permission, to help in resolving the issue.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>