Create an Account
username: password:
 
  MemeStreams Logo

RE: Native Client

search


RE: Native Client
by I Love Lamp at 1:09 pm EST, Dec 11, 2008

Decius wrote:

possibly noteworthy wrote:

Native Client is an open-source research technology for running x86 native code in web applications, with the goal of maintaining the browser neutrality, OS portability, and safety that people expect from web apps

Was that supposed to be ironic? In fact their security approach sounds interesting:

The inner-sandbox uses static analysis to detect security defects in untrusted x86 code. Previously, such analysis has been challenging due to such practices as self-modifying code and overlapping instructions. In our work, we disallow such practices through a set of alignment and structural rules that, when observed, enable the native code module to be disassembled reliably and all reachable instructions to be identified during disassembly. With reliable disassembly as a tool, it's then feasible for the validator to determine whether the executable includes unsafe x86 instructions.

Yeah, I'm sure it's 100% secure and works 100% of the time. Great idea, this puts ActiveX controls to shame.

RE: Native Client


 
 
Powered By Industrial Memetics