Google 'Arctic Sea' – Chrome native code, ahoy!

Mozilla spies 'threat' to interwebs future


Google has released the first official version of the software development kit for Native Client, its controversial plug-in for running native code inside the browser.

In a blog post, Google product manager Christian Stefansen called the release an "important milestone" in Google's efforts to make native code as portable and secure as JavaScript. "A big goal of this release is to enable developers to start building Native Client modules for Chrome applications," he said.

According to the release notes, the SDK is now known as "Arctic Sea". This is a departure from the project's usual household condiments theme. Google refers to Native Client as NaCl, and it uses a new plug-in interface called Pepper.

The project is designed to speed the performance of web applications, allowing apps coded in, say, C or C++ to be securely transfered over the web and executed inside the browser. JavaScript still lags behind the performance of native code, and Google is keen to work around it. The plug-in is also an "important part" of Google's upcoming Chrome OS, which only runs web-based applications.

"While the [Chrome] team has made JavaScript tremendously faster over the last two years, there's a lot of applications out there that have existing audiences that are [written in native code, such as C and C++], and there are a few that are specialized applications that need every last bit of performance the hardware can offer," Google engineering director Linus Upson told us in December. "Native Client is a way of addressing both those issues."

But the project doesn't sit particularly well with Opera and Mozilla and others who have a particularly strong belief that web applications should adhere to open industry standards. "Our mission is to promote an Open Web Platform which is the most compelling environment for modern applications," Mozilla says in a draft of its 2011 Firefox roadmap.

"Increasingly this vision is being threatened by application development models which bypass the Web in favour of directly connecting with Internet based resources in closed proprietary models." These models, the Mozilla roadmap says, include "plug-in balkanization" by the likes of Adobe Flash, the royalty-encumbered H.264 video codec, and, yes, Google's Native Client.

When we asked Google's Linus Upson about such objections to the technology, he pointed out that Native Client is open source. This really didn't address the issue. But he then expanded his defense, saying that in Google's conversations with Opera and Mozilla, the browser makers praised Native Client's design, and Upson believes they will eventually use it.

"We're starting to use Native Client internally in Chrome to help secure more and more of the browser. I wouldn't be surprised if more and more browser vendors do the same," he said. "What Native Client can do is to make it so that if you write a bug in your code – we all write bugs – it doesn't become a security vulnerability. It's an additional later of security."

Native Client is designed to ensure that each application module meets a set of structural criteria for dissembling instructions, and that it can't contain certain instruction sequences. Plus, it uses the new Pepper plug-in API, an update to the Netscape Plug-in Application Programming Interface (NPAPI) still in use with browsers like Chrome and Firefox.

"[NPAPI] is loosely specified, limited in capability and varies across browsers and operating systems. This can lead to incompatibilities, reduction in performance and some security headaches," Google has said. "[Pepper] aims to address the shortcomings of the current browser plug-in model."

Upson also believes that although Native Client is outside today's web stack, it can maintain the sort of webiness Mozilla wants. "When it comes to running programs over the web in Native Client, we're very sensitive to maintaining the qualities of the web that have made it so successful," he said.

"One of those things is that you can write applications that can run on any computer. One of the reasons we haven't widely deployed Native Client so far is we're working on something called Portable Native Client, so you're not tied to any one particular instruction set, so people can build whole new CPUs, whole new chip architectures, and [applications] won't get tied to those."

Portable Native Client – PNaCl, pronounced "pinnacle" – is a way of distributing portable versions of Native Client executables across all processors. Currently, Native Client works only with 32-bit and 64-bit x86 processors. PNaCL is designed to compile C, C++, and other languages into the Low Level Virtual Machine (LLVM) bitcode format, which allows for translation into the client to translate the code into its own native instruction set.

But for this to work across the web, browsers makers must also build the Native Client into their browsers. At the moment, the plug-in is only available with Chrome. It's turned off by default, but you can turn it on using the browser's "about:flags" dialog.

The Arctic Sea Native Client SDK includes new Pepper interfaces for compute, audio, and 2D Native Client modules – these are "close" to stable, according to Google. The company says it has beefed security as well, improving the auto-update mechanism (for making changes to the plug-in itself) and the outer sandbox (which works alongside an inner sandbox). In the "coming months," Google adds, it will add APIs for 3D graphics, local file storage, WebSockets, peer-to-peer networking, and more.

The Pepper plug-in interface is also used by the version of Adobe Flash that's now bundled with Chrome – and when Google first announced its Flash embrace, it described both Adobe and Mozilla as backers of the technology. "We are working with Adobe, Mozilla and the broader community to help define the next generation browser plug-in API," Google said in a blog post.

But not long after this announcement, Mozilla chief technology officer Brendan Eich told The Register that the open source outfit has "no official position on Pepper."

"We work by consensus in most standards bodies, including informal ones such as plugin-futures, where consensus means general agreement. Until and unless Pepper achieves consensus, it's not accurate to say that Mozilla or anyone else is 'on-board with ... Pepper,'" Eich said.

Google may see Native Client as the future of the high-performance web applications. We suspect it's even using the technology to build a new version of its Google Apps office suite. But the rest of the web may see things very differently. ®

Similar topics


Other stories you might like

  • Beijing reverses ban on tech companies listing offshore
    Announcement comes as Chinese ride-hailing DiDi Chuxing delists from NYSE under pressure

    The Chinese government has announced that it will again allow "platform companies" – Beijing's term for tech giants – to list on overseas stock markets, marking a loosening of restrictions on the sector.

    "Platform companies will be encouraged to list on domestic and overseas markets in accordance with laws and regulations," announced premier Li Keqiang at an executive meeting of China's State Council – a body akin to cabinet in the USA or parliamentary democracies.

    The statement comes a week after vice premier Liu He advocated technology and government cooperation and a digital economy that supports an opening to "the outside world" to around 100 members of the Chinese People's Political Consultative Congress (CPPCC).

    Continue reading
  • Nvidia teases server designs for Grace-Hopper Superchips
    x86 still 'very important' we're told as lid lifted on Arm-based kit

    Computex Nvidia's Grace CPU and Hopper Superchips will make their first appearance early next year in systems that'll be based on reference servers unveiled at Computex 2022 this week.

    It's hoped these Arm-compatible HGX-series designs will be used to build computer systems that power what Nvidia believes will be a "half trillion dollar" market of machine learning, digital-twin simulation, and cloud gaming applications.

    "This transformation requires us to reimagine the datacenter at every level, from hardware to software from chips to infrastructure to systems," Paresh Kharya, senior director of product management and marketing at Nvidia, said during a press briefing.

    Continue reading
  • Nvidia brings liquid cooling to A100 PCIe GPU cards for ‘greener’ datacenters
    For those who want to give their racks an air cut

    Nvidia's GPUs are becoming increasingly more power hungry, so the US giant is hoping to make datacenters using them "greener" with liquid-cooled PCIe cards that contain its highest-performing chips.

    At this year's Computex event in Taiwan, the computer graphics goliath revealed it will sell a liquid-cooled PCIe card for its flagship server GPU, the A100, in the third quarter of this year. Then in early 2023, the company plans to release a liquid-cooled PCIe card for the A100's recently announced successor, the Hopper-powered H100.

    Nvidia's A100 has already been available for liquid-cooled servers, but to date, this has only been possible in the GPU's SXM form factor that goes into the company's HGX server board.

    Continue reading
  • Zuckerberg sued for alleged role in Cambridge Analytica data-slurp scandal
    I can prove CEO was 'personally involved in Facebook’s failure to protect privacy', DC AG insists

    Cambridge Analytica is back to haunt Mark Zuckerberg: Washington DC's Attorney General filed a lawsuit today directly accusing the Meta CEO of personal involvement in the abuses that led to the data-slurping scandal. 

    DC AG Karl Racine filed [PDF] the civil suit on Monday morning, saying his office's investigations found ample evidence Zuck could be held responsible for that 2018 cluster-fsck. For those who've put it out of mind, UK-based Cambridge Analytica harvested tens of millions of people's info via a third-party Facebook app, revealing a – at best – somewhat slipshod handling of netizens' privacy by the US tech giant.

    That year, Racine sued Facebook, claiming the social network was well aware of the analytics firm's antics yet failed to do anything meaningful until the data harvesting was covered by mainstream media. Facebook repeatedly stymied document production attempts, Racine claimed, and the paperwork it eventually handed over painted a trail he said led directly to Zuck. 

    Continue reading
  • Florida's content-moderation law kept on ice, likely unconstitutional, court says
    So cool you're into free speech because that includes taking down misinformation

    While the US Supreme Court considers an emergency petition to reinstate a preliminary injunction against Texas' social media law HB 20, the US Eleventh Circuit Court of Appeals on Monday partially upheld a similar injunction against Florida's social media law, SB 7072.

    Both Florida and Texas last year passed laws that impose content moderation restrictions, editorial disclosure obligations, and user-data access requirements on large online social networks. The Republican governors of both states justified the laws by claiming that social media sites have been trying to censor conservative voices, an allegation that has not been supported by evidence.

    Multiple studies addressing this issue say right-wing folk aren't being censored. They have found that social media sites try to take down or block misinformation, which researchers say is more common from right-leaning sources.

    Continue reading
  • US-APAC trade deal leaves out Taiwan, military defense not ruled out
    All fun and games until the chip factories are in the crosshairs

    US President Joe Biden has heralded an Indo-Pacific trade deal signed by several nations that do not include Taiwan. At the same time, Biden warned China that America would help defend Taiwan from attack; it is home to a critical slice of the global chip industry, after all. 

    The agreement, known as the Indo-Pacific Economic Framework (IPEF), is still in its infancy, with today's announcement enabling the United States and the other 12 participating countries to begin negotiating "rules of the road that ensure [US businesses] can compete in the Indo-Pacific," the White House said. 

    Along with America, other IPEF signatories are Australia, Brunei, India, Indonesia, Japan, South Korea, Malaysia, New Zealand, the Philippines, Singapore, Thailand and Vietnam. Combined, the White House said, the 13 countries participating in the IPEF make up 40 percent of the global economy. 

    Continue reading
  • 381,000-plus Kubernetes API servers 'exposed to internet'
    Firewall isn't a made-up word from the Hackers movie, people

    A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse.

    Nonprofit security organization The Shadowserver Foundation recently scanned 454,729 systems hosting the popular open-source platform for managing and orchestrating containers, finding that more than 381,645 – or about 84 percent – are accessible via the internet to varying degrees thus providing a cracked door into a corporate network.

    "While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver's team stressed in a write-up. "They also allow for information leakage on version and build."

    Continue reading
  • A peek into Gigabyte's GPU Arm for AI, HPC shops
    High-performance platform choices are going beyond the ubiquitous x86 standard

    Arm-based servers continue to gain momentum with Gigabyte Technology introducing a system based on Ampere's Altra processors paired with Nvidia A100 GPUs, aimed at demanding workloads such as AI training and high-performance compute (HPC) applications.

    The G492-PD0 runs either an Ampere Altra or Altra Max processor, the latter delivering 128 64-bit cores that are compatible with the Armv8.2 architecture.

    It supports 16 DDR4 DIMM slots, which would be enough space for up to 4TB of memory if all slots were filled with 256GB memory modules. The chassis also has space for no fewer than eight Nvidia A100 GPUs, which would make for a costly but very powerful system for those workloads that benefit from GPU acceleration.

    Continue reading

Biting the hand that feeds IT © 1998–2022