Native Client from Google. Running native code safely on the web.

On Dec 8, Google unveiled a new technology for running native code within a browser. The Native Client project represents a significant effort towards a new technology for web browsers, to achieve greater speeds by giving browser applications a performance similar to the native applications, while ensuring safety.

Quoting the paper’s abstract:

(…)Native Client, a sandbox for untrusted x86 native modules. Native Client aims to give browser-based applications the computational performance of native applications without compromising safety. Native Client uses software fault isolation and a secure runtime to direct system interaction and side effects through interfaces managed by Native Client. Native Client provides operating system portability for binary code while supporting performanceoriented features generally absent from web application programming environments, such as thread support, instruction set extensions such as SSE, and use of compiler intrinsics and hand-coded assembler. We combine these properties in an open architecture that encourages community review and 3rd-party tools.

Running a web application code directly into the machine, without the browser layer in the middle opens the door to unlimited posibilities in performance. Of course, it also opens the door to some safety issues, but Google is using the inner-sandbox approach to guarantee that any code executed withing the memory range that is allocated to the application will stay within that memory space. This would prevent from running malicious code in other memory areas. The first security issue has been detected by now, but that’s why Google released the code, to be tested as hard as it’s possible.

I’ve been taking a look at the distribution, and all I can say is that this might be the future of web development. NaCl can be used as a plugin for Firefox, Chrome and some other browsers, but I stayed with the heavyweight championship and the ferocious newbie. Let’s just take a brief look at the following comparison (screenshots from a demo packed with NaCl):


On the right column we have the Firefox and Chrome pure JavaScript machines, Spidermonkey from FF and V8 from Ch. It come has no surprise that NaCl is faster than Spidermonkey, but just take a look at the V8 speed!! jeezz I knew that Ch had the faster JS engine but I didn’t thought it was that much! Surprisingly, NaCl for Ch is outperformed by NaCl for FF.

Take a look at this amazing new technology and play around with the bundled demos. You will find such gems like a Quake for NaCl! yes, native 3d on top of a browser, can you imagine? With the download bundle you can test some demos running NaCl as a standalone application, build/install the plugin and even build the entire NaCl (with the comfortable SCons build tool based in Python ) as well as new modules for it. NaCl is written in C for maximum speed, so you should have experience in this language to write modules for it.

What do you think? could this be the future of the web applications?

Leave a Reply