Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Chrome Chromium Google

Google Chrome 31 Is Out: Web Payments, Portable Native Client 123

Posted by Soulskill from the onward-and-upward dept.
An anonymous reader writes "Google today released Chrome version 31 for Windows, Mac, and Linux. The new version includes support for Web payments, Portable Native Client, and 25 security fixes. 'Under the hood, PNaCl works by compiling native C and C++ code to an intermediate representation, rather than architecture-specific representations as in Native Client. The LLVM-style bytecode is wrapped into a portable executable, which can be hosted on a web server like any other website asset. When the site is accessed, Chrome fetches and translates the portable executable into an architecture-specific machine code optimized directly for the underlying device. This translation approach means developers don’t need to recompile their applications multiple times to run across x86, ARM or MIPS devices.' You can update to the latest release now using the browser's built-in silent updater, or download it directly from google.com/chrome."
This discussion has been archived. No new comments can be posted.

Google Chrome 31 Is Out: Web Payments, Portable Native Client More

Google Chrome 31 Is Out: Web Payments, Portable Native Client

Comments Filter:

  • What? (Score:4, Informative)

    by brunes69 ( 86786 ) <`gro.daetsriek' `ta' `todhsals'> on Tuesday November 12, 2013 @10:23PM (#45408363)

    "Chrome fetches and translates the portable executable into an architecture-specific machine code optimized directly for the underlying device. This translation approach means developers donâ(TM)t need to recompile their applications multiple times to run across x86, ARM or MIPS devices.'

    Ummmm... sounds like Java?

  • Re:Security? (Score:5, Informative)

    by cheater512 ( 783349 ) <nick@nickstallman.net> on Tuesday November 12, 2013 @10:33PM (#45408433) Homepage

    Same way they do as JS. They control what APIs it can call.

    C code without any APIs can't exploit a potato. It isn't inherently able to talk to the kernel.

  • Re:ActiveX was such a good idea after all.... (Score:5, Informative)

    by aztracker1 ( 702135 ) on Tuesday November 12, 2013 @10:57PM (#45408593) Homepage
    I don't think that ActiveX itself was a bad idea.. Setting the email client to "local" security context instead of "untrusted", and marking activex controls that can access the file system as "safe for scripting" while the browser is allowed to run in "administrator" security context.. those were poor decisions all around.. but having a flexible plugin architecture in and of itself isn't a bad idea.

  • Re:Security? (Score:5, Informative)

    by CTachyon ( 412849 ) <chronos AT chronos-tachyon DOT net> on Tuesday November 12, 2013 @11:33PM (#45408909) Homepage

    How they maintain security with C and C++ applets?

    -- hendrik

    NaCl (in its standard, non-Portable flavor) is essentially a bytecode that happens to be directly executable as machine code (either x86-64 or ARM). The bytecode can be statically verified to mathematically prove that the instructions obey certain rules (e.g. exactly one interpretation for any bytecode, execution only leaves the verified bytecode by calling trusted functions, can only read/write memory in the sandbox, cannot write to bytecode, etc.). As I understand it, PNaCl is similar to classic x86/ARM NaCl but trades fake bytecode for real bytecode (LLVM's intermediate representation, last I heard) and statically compiles it to native machine code after the bytecode verification step. Basically, in this scheme the verified C code can run at near-native speed, but it can only communicate with the world outside the sandbox by calling trusted functions that the enclosing app chooses to expose.

    Theoretically, Java ought to be just as strongly sandboxed as NaCl: Java code in a JVM sandbox can only call trusted functions that the JVM chooses to expose, too. But in practice the Java standard library exposes a ridiculously broad attack surface, giving sandboxed apps plenty of chances to exploit bugs and escape the sandbox. (For instance, java.lang.String is a final class today because folks discovered that you could subclass it to make it mutable, pass a sandbox-approved value to e.g. a file I/O function, then modify the value to a sandbox-forbidden value after the security check but before the OS system call.) Basically, Java's attack surface is broad and leaky because Java was designed for running embedded devices and servers, not for sandboxed applets downloaded from hostile sites on the Internet. Applets were a distant afterthought compared to Java's "let's write an OS for set-top cable boxes" origin.

    In contrast with Java, Chrome's implementation of [P]NaCl only exposes the Pepper API, and the Pepper API was designed from the ground up to be called by sandboxed code fetched from a malicious website. Looking at the Pepper C API site [google.com], the attack surface seems... bigger... than I would have expected. But most of the functionality I see there is also exposed to JavaScript, where the code is every bit as hostile. Almost any "attack surface, WTF" argument would also argue against JavaScript and all modern web design. And if they're smart, one API is hopefully built on top of the other (plus a thunk layer made of machine-generated code), so that there's only one pool of security bugs to fix.

  • Re:Security? (Score:2, Informative)

    by Anonymous Coward on Wednesday November 13, 2013 @04:58AM (#45410555)

    And by "again and again" you mean "twice over the 7 years this contest is held".

Slashdot Top Deals

THEGODDESSOFTHENETHASTWISTINGFINGERSANDHERVOICEISLIKEAJAVELININTHENIGHTDUDE

Close