February 22nd, 2009
A very interesting paper was just published by Microsoft Research that details a browser construction that acts more like an operating system, partitioning off resources only to those who need it.
Although our architecture may seem to be a straightforward application of multi-principal OS construction to the browser setting, it exposes intricate problems that didn’t surface in previous work, including dealing with legacy protection for cross-origin script source, display protection, and resource allocations in the face of cross-principal web service composition common on today’s web. We detail our solutions to the first two problems and leave resource allocation as future work.
In our browser design, we take the general stance that security (maintaining the multi-principal OS principles by having Browser Kernel exclusively manage the resource protection and sharing) comes before backward compatibility. We will not trade significant security risks for compatibility. Nevertheless, we will also not settle on a design that breaks many parts of the web to secure just a few sites. We present design rationales for such decisions throughout our design.
We have built an IE-based prototype that realizes Gazelle’s multi-principal OS architecture and at the same time utilizes all the backward-compatible parsing, DOM management, and JavaScript interpretation that already exist in IE. Our prototype experience indicates that it is feasible to turn an existing browser into a multi-principal OS while leveraging its existing capabilities.
With our prototype, we successfully browsed 19 out of the 20 Alexa-reported, most popular sites that we tested. The performance of the prototype is acceptable, and a significant portion of the overhead comes from IE instrumentation, which can be eliminated in a production implementation.
I wouldn't get too excited about being able to see an implementation soon - this was done by Microsoft Research (it doesn't appear as if anyone from the IE team was directly involved - this was mostly an academic pursuit). Regardless, it makes for a very-interesting read with regards to much of the technology that inhabits a web browser (DOM, CSS, etc.) and the security concerns that surround them.
Tags: microsoft, ie, browsers
21 Comments on 'The Browser Operating System'
September 9th, 2008
Dion Almaer just posted the fourth episode of the Open Web Podcast in which we sat down with Allen Wirfs-Brock and Pratap lakshman and discussed ECMAScript and Internet Explorer 8.
The full release notes, from Dion, are below:
Allen Wirfs-Brock is the standards guy from Microsoft who sits and works on ECMA. Pratap Lakshman is from the JScript team, and works on the ECMAScript 3.1 committee.
They were gracious enough to joined us on the call to discuss the recent new around ECMAScript Harmony, how Microsoft feels about it, work that is being done in IE 8, performance, and tangents into ideas behind the Open Web.
You can download the podcast directly (OGG format too), or subscribe to the series, including via iTunes).
When a beta of IE 8 comes out, we all download it quickly to find out what was added, what wasn’t, and also making sure that our tricks weren’t taken away!
The guys talked about the Object.defineProperty support added in IE8b2. Allen clarified the implementation details on how this has been added to hosted DOM objects and not JavaScript “native” objects. The team has been working on “end to end performance” issues, and have done a lot of work on the DOM. They also mentioned how we should expect a new set of technology to run JavaScript in the future. It has to happen, they have to join the new performance world with TraceMonkey, V8, and SquirrelFish (Extreme).
The better environments to run JavaScript dovetail nicely with the ability to have JavaScript become more self-hosting, which was discussed in some depth. They also mentioned the goal in IE8 to have JavaScript developers not requiring to do special work for IE, and a bunch of bugs have been fixed around this core issue. What about core DOM event support? John brought up that with the addition of DOM prototypes, that this could be added by libraries, and that this hook could be used for a lot of good.
We were also led into discussing the disconnect between the ECMA standard and the W3C standard, primarily the DOM and JavaScript. Pratap was a little disturbed that the ECMAScript spec only had a few words on DOM, and some banter occurred around the role of JavaScript as being the One True Open Web language, or whether there is a place for the polyglots.
Recent podcasts
Tags: microsoft, ecmascript
5 Comments on 'Podcast: Microsoft on ECMAScript, IE 8'
March 4th, 2008
I'm really excited about Microsoft's switch today to make standards mode rendering the default rendering style, going forward - even at the cost of "breaking the web." I think this is going to have serious positive ramifications for the whole web ecosystem, which is just fantastic. I can't imagine this decision coming lightly and I greatly respect them for making it, even turning about after plenty of criticism.
There's one little jewel tucked away in Microsoft's press release, that helps to shed some light on why this massive change of heart may have come about:
“While we do not believe there are currently any legal requirements that would dictate which rendering mode must be chosen as the default for a given browser, this step clearly removes this question as a potential legal and regulatory issue,†said Brad Smith, Microsoft senior vice president and general counsel.
Ah ha! It all becomes clear, now:
The straw that broke the camel's back? Even if that's not the case, whatever the final reasoning was, I'm just glad that this conclusion has been come to. The web will soon be a much better place for everyone.
Tags: ie, microsoft, browsers
19 Comments on 'Unbreaking the Web'
