Feeds

Google's Native Client goes live in Chrome

The C++ code Mozilla never wants on web

Secure remote control for conventional and virtual desktops

Google has officially launched Native Client – a means of securely running C and C++ code inside a browser – as part of a new stable version of its Chrome browser that activates this rather controversial sandboxing technology.

Mountain View turned on Native Client, aka NaCl, in the Chrome beta last month, and on Friday, it debuted in the new Chrome 14, a stable release that also includes Google's new Web Audio API.

First unveiled as an open source project over three years ago, Native Client is meant to turn the browser into a more serious platform for 3D games, video editing, and other apps that require the sort of speeds JavaScript can't provide.

"While JavaScript is a fabulous language and it just keeps getting better, there is a lot of great software that isn't written in JavaScript, and there are a lot of software developers that are brilliant, but they would rather work in a different language," Brad Chen, who oversees Google's Native Client project, told The Reg this summer.

"If we're successful with this project, we will make other languages more useful in the context of the web. We want to create a system that gives languages like C and C++ – but eventually others as well – the same excellent level of portability and safety that JavaScript provides on the web today."

In essence, Native Client is a sandbox designed to securely run native code. With the 32-bit x86 instruction set, Native Client taps the hardware's rarely-used "segment registers" to restrict where a program can read and write data in memory and to make sure the program doesn't jump to code outside a certain memory range. Plus, it uses a modified compiler and a code verifier that restrict code jumps.

So, yes, apps must be ported to the platform.

Native Client plugs into the browser via a new plugin API known as Pepper. "Our goal is to have an execution arm that can have no side effects – zero interaction with the outside world – and that's what we think we have achieved with the sandbox," Chen said. "But the thing is that if you can't interact with the outside world, including the browser, you can't actually do anything. That's where these Pepper interfaces come in. They're designed to expose to Native Client exactly what is also being exposed via JavaScript."

Google sees this as a natural extension of the web. But Opera and Mozilla see it very differently, preferring to concentrate on JavaScript and other existing web standards. "The promise of the web is that it's cross-platform, that it's source driven, that it evolves with time. Native Client doesn't actually solve any of those problems that the web actually solves," Mozilla open source evangelist Chris Blizzard told us at a conference in June.

"Once you download the native code, there's no opportunity for browser optimization. There's no opportunity for all kinds of things. You have to keep in mind that the evolution of browsers over the last several years has been that we have made a 10X improvement on existing sites. The evolution of browsers has made everyone's applications faster, whether or not you've updated that site in X number of years.

"With Native Client, all of that disappears. The fast innovation we've seen on the web disappears. A source code–based world means that we can optimize things that the user hasn't even thought of, and we can deliver that into their hands without you, the developer, doing anything."

At the moment, Native Client is only available for use with 32-bit and 64-bit x86 chips, but the company is working on a portable version known as Portable Native Client, aka PNaCl (pronounced "pinnacle"). Rather than generate x86, PNaCl will translate native code into bitcode using a compiler based on the open source LLVM (low-level virtual machine) project. When the browser downloads this bitcode, it will then translate it to machine code and validate it much like Native Client does today.

Because PNaCl is not yet in place, Google is only allowing Chrome 14 to run Native Client applications that come through the Chrome Web Store. This way, the company can ensure that developers offering versions of their applications that run on all available platforms – i.e. 32-bit and 64-bit x86.

Chrome 14 for Mac also includes a few changes specific to OS X Lion. It uses Lion's "overlay scrollbars", which only appear when you're scrolling, and it includes "initial support" for full-screen mode. You can switch to full screen using the Ctrl+Shift+F key combination or the Mac's full screen key.

You can download the release here. If you're already running Chrome, your browser will automatically be updated to the new version. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
First in line to order a Nexus 6? AT&T has a BRICK for you
Black Screen of Death plagues early Google-mobe batch
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?