Linked by Thom Holwerda on Wed 3rd Jun 2009 11:21 UTC, submitted by Hakime
One of the defining features of Google's Chrome web browse is its sandboxing feature. You probably won't realise it's there, but from a security point of view, sand-boxing is one of the most impotant factors in browser security, as it severely limits the amount of damage a security hole can do: sure, you've got a hole in the browser, but thanks to sandboxing, you're pretty much locked in - until you break out of the sandbox, of course. Sandboxing on the Windows variant of Chrome was a "complicated affair", says Chromium developer Jeremy Moskovich, but for the Mac version, it's all a bit easier and more straightforward. On Linux, however, it's a mess.
Thread beginning with comment 366800
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
RE: Sounds like a pain on all of them actually
by ba1l on Wed 3rd Jun 2009 15:24
in reply to "Sounds like a pain on all of them actually"
Member since:2007-09-08
Yeah, that's what I got from it too.
Ideally, it'd be easy on Linux. The obvious candidates are AppArmor and SELinux. They're both configuration-based, and an appropriate profile for each process would allow Chrome's sandboxing to just work.
The problem is that neither are universally supported, but most modern distributions support one or the other. I don't know why they don't just develop and ship profiles for both, and let the OS apply whichever one it supports.
Everything else mentioned on that page involves abusing other features of the OS to provide sandboxing functionality, which is pretty much what they had to do on Windows as well.
For the Windows version, they didn't seem to complain about this in the slightest - they just got on with it. They even seemed proud of it, and published details of all the torture they had to go through to make it work. Interesting reading, by the way.
So why all the complaints about every little problem they have on Mac / Linux? Can't the guys developing the Mac / Linux versions just get on with solving the problems, like they guys who developed the Windows version did?
News
Linked by Thom Holwerda on 06/18/13 17:45 UTC
"I can't find one person who has been using the Nexus 7 for an extended period of time, and hasn't seen a massive downgrade in performance. Just what kind of downgrade are we talking here? I cannot pick up my Nexus 7 without experiencing problems like a lag of ten seconds, or more, just to rotate the display; touches refusing to acknowledged; stuttering notification panel actions; and unresponsive apps." Fully and utterly agreed. My Nexus 7 was blazing-fast and awesome for a few months, and at some point, it just started sucking. Just like that. I've tried loads of ROMs, and nothing helps.
Linked by Thom Holwerda on 06/18/13 17:32 UTC, submitted by poundsmack
A new release of the hobby operating system MenuetOS! The release notes are a bit non-descript, but you'll have to take what you can get: "updates and improvements (picview, httpc, ehci, ...)".
Linked by Thom Holwerda on 06/17/13 17:58 UTC
"The Internet is one of the most transformative technologies of our lifetimes. But for 2 out of every 3 people on earth, a fast, affordable Internet connection is still out of reach. And this is far from being a solved problem. There are many terrestrial challenges to Internet connectivity - jungles, archipelagos, mountains. There are also major cost challenges. Right now, for example, in most of the countries in the southern hemisphere, the cost of an Internet connection is more than a month's income. Solving these problems isn't simply a question of time: it requires looking at the problem of access from new angles. So today we're unveiling our latest moonshot from Google[x]: balloon-powered Internet access." Insane.
Linked by Thom Holwerda on 06/17/13 17:52 UTC
"MineAssemble is a tiny bootable Minecraft clone written partly in x86 assembly. I made it first and foremost because a university assignment required me to implement a game in assembly for a computer systems course. Because I had never implemented anything more complex than a 'Hello World' bootloader before, I decided I wanted to learn about writing my own kernel code at the same time. Note that the goal of this project was not to write highly efficient hand-optimized assembly code, but rather to have fun and write code that balances readability and speed. This is primarily accomplished by proper commenting and consistent code structuring." Just cool.
Linked by Thom Holwerda on 06/14/13 21:03 UTC
Jon Rubinstein, former CEO of Palm: "Well, I'm not sure I would have sold the company to HP. That's for sure. Talk about a waste. Not that I had any choice because when you sell a company you don't get to decide that. Obviously, the board and shareholders decide that. If we had known they were just going to shut it down and never really give it a chance to flourish, what would have been the point of selling the company? I think the deal we had with Verizon really hurt us, but who knew that at the time? These things are all hindsight."
Linked by Thom Holwerda on 06/14/13 20:46 UTC
"And so it is with Dell's Alienware X51 R2, a small form factor gaming PC in console digs. It's shaped similar to Microsoft's Xbox 360 Slim, and though it's slightly larger than either a 360 or PlayStation 3, the X51 R2 would be right at home in a living room setting nestled next to a large screen TV. Indeed, it's adept at running Steam's Big Picture mode, and if your primary objective is to play games in the living room, go ahead and consider the X51 R2 a hybrid game console." This is obviously not the only machine like this - still, these are very valid console alternatives even for those that don't like being hunched over with a cramped WASD-claw. Also, PC gamers among us: could you get away with the $699 model for gaming?
Linked by Thom Holwerda on 06/14/13 17:32 UTC
From Bloomberg: "Microsoft, the world's largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes." The lid has officially been blown off.
Linked by Thom Holwerda on 06/14/13 11:39 UTC
"The key takeaway we've reached (after two less than 24 hours playing with the iOS 7 Beta release) is this - every App must consider even basic updates to its UI to survive in a post-iOS 6 world." Great. Telling developers to update their entire application - user interface and behaviour alike - to target a look and behaviour that isn't final yet. Seems like potential for a lot of wasted work here.
Linked by Thom Holwerda on 06/14/13 11:32 UTC
"Overall the app is really basic, and designed for on the go editing. Microsoft says it's not planning to create an iPad version, noting that tablet users can utilize the Office Web Apps instead. We'd like to see some additional options for editing, including more clear options for text formatting and the ability to insert and change images, but it's a solid attempt for something you're only really going to use for editing in emergencies." A resounding meh can be heard from all over the world.
Linked by Thom Holwerda on 06/13/13 19:39 UTC
"Today, most people are using modern browsers that support the majority of the latest web technologies. Better yet, the usage of legacy browsers is declining significantly and newer browsers stay up to date automatically, which means the leading edge has become mainstream. Given these factors we've decided to retire Chrome Frame, and will cease support and updates for the product in January 2014." Eh.More News »
Sponsored Links
Member since:
2005-11-13
From reading the article it honestly sounds like a bit of a PITA on all operating systems to me.
It takes a load of code on Windows
On Linux, they can't decide which route to go
On OS X, while a framework exists, they are flying blind on knowing which API calls actually work correctly within the framework.
The whole thing sounds like a headache to me on any OS.