Feeds

Google's Native Client goes live in Chrome

The C++ code Mozilla never wants on web

Top 5 reasons to deploy VMware with Tegile

Google has officially launched Native Client – a means of securely running C and C++ code inside a browser – as part of a new stable version of its Chrome browser that activates this rather controversial sandboxing technology.

Mountain View turned on Native Client, aka NaCl, in the Chrome beta last month, and on Friday, it debuted in the new Chrome 14, a stable release that also includes Google's new Web Audio API.

First unveiled as an open source project over three years ago, Native Client is meant to turn the browser into a more serious platform for 3D games, video editing, and other apps that require the sort of speeds JavaScript can't provide.

"While JavaScript is a fabulous language and it just keeps getting better, there is a lot of great software that isn't written in JavaScript, and there are a lot of software developers that are brilliant, but they would rather work in a different language," Brad Chen, who oversees Google's Native Client project, told The Reg this summer.

"If we're successful with this project, we will make other languages more useful in the context of the web. We want to create a system that gives languages like C and C++ – but eventually others as well – the same excellent level of portability and safety that JavaScript provides on the web today."

In essence, Native Client is a sandbox designed to securely run native code. With the 32-bit x86 instruction set, Native Client taps the hardware's rarely-used "segment registers" to restrict where a program can read and write data in memory and to make sure the program doesn't jump to code outside a certain memory range. Plus, it uses a modified compiler and a code verifier that restrict code jumps.

So, yes, apps must be ported to the platform.

Native Client plugs into the browser via a new plugin API known as Pepper. "Our goal is to have an execution arm that can have no side effects – zero interaction with the outside world – and that's what we think we have achieved with the sandbox," Chen said. "But the thing is that if you can't interact with the outside world, including the browser, you can't actually do anything. That's where these Pepper interfaces come in. They're designed to expose to Native Client exactly what is also being exposed via JavaScript."

Google sees this as a natural extension of the web. But Opera and Mozilla see it very differently, preferring to concentrate on JavaScript and other existing web standards. "The promise of the web is that it's cross-platform, that it's source driven, that it evolves with time. Native Client doesn't actually solve any of those problems that the web actually solves," Mozilla open source evangelist Chris Blizzard told us at a conference in June.

"Once you download the native code, there's no opportunity for browser optimization. There's no opportunity for all kinds of things. You have to keep in mind that the evolution of browsers over the last several years has been that we have made a 10X improvement on existing sites. The evolution of browsers has made everyone's applications faster, whether or not you've updated that site in X number of years.

"With Native Client, all of that disappears. The fast innovation we've seen on the web disappears. A source code–based world means that we can optimize things that the user hasn't even thought of, and we can deliver that into their hands without you, the developer, doing anything."

At the moment, Native Client is only available for use with 32-bit and 64-bit x86 chips, but the company is working on a portable version known as Portable Native Client, aka PNaCl (pronounced "pinnacle"). Rather than generate x86, PNaCl will translate native code into bitcode using a compiler based on the open source LLVM (low-level virtual machine) project. When the browser downloads this bitcode, it will then translate it to machine code and validate it much like Native Client does today.

Because PNaCl is not yet in place, Google is only allowing Chrome 14 to run Native Client applications that come through the Chrome Web Store. This way, the company can ensure that developers offering versions of their applications that run on all available platforms – i.e. 32-bit and 64-bit x86.

Chrome 14 for Mac also includes a few changes specific to OS X Lion. It uses Lion's "overlay scrollbars", which only appear when you're scrolling, and it includes "initial support" for full-screen mode. You can switch to full screen using the Ctrl+Shift+F key combination or the Mac's full screen key.

You can download the release here. If you're already running Chrome, your browser will automatically be updated to the new version. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
Google opens Inbox – email for people too thick to handle email
Print this article out and give it to someone tech-y if you get stuck
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
FTDI yanks chip-bricking driver from Windows Update, vows to fight on
Next driver to battle fake chips with 'non-invasive' methods
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Entity Framework goes 'code first' as Microsoft pulls visual design tool
Visual Studio database diagramming's out the window
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.