*cough* There's some great potential for a botnet here *cough*

Seriously, I wonder how secure this will all be; the implications of a hole could be rather large.

OS portability

...or no OS at all maybe? I'm all for it. Let's do this! (yeah right).

"...compilation tools and runtime so that you can write and run portable code modules that will work in Firefox, Safari, Opera, and Google Chrome on any modern Windows, Mac, or Linux system that has an x86 processor.."

hmmm... Seems someone wasn't invItEd to the party.

I'm too lazy to do any actual research but don't

Firefox, Safari, Opera, and Google Chrome

all use common componants?

There was ActiveX way before that, albeit not cross-platform but still very bad idea.

Silverlight is probably a decent implementation that still retains fairly good security model, but even that faces large resistance.

Wait a second, do they support IE at all?

With the ability to seamlessly run native code on the user's machine

Yikes, I'm no tinfoil hat kind of guy, but if I want this, I'll DMZ my computer and let the interwebs have at it...

Wasn't Java supposed to do this for us?

- browser independent
- cross platform
- runs code on client machine

Aren't we getting closer to an o/s here, too.

Pardon me for posting some stuff that's already been mentioned here. I was posting in a different thread about this subject and when I went to save it the thread had been closed.

This seems to be Google's attempt to eclipse Mozilla in the extensions department, and then move on to other things as well.

Is this the beginning of the write it once, run it anywhere example that JAVA always claimed was its domain, but which it never really accomplished?

If so I wish them luck. It would be nice to have one AdBlock, for example, that runs in almost any browser. Or even in something like the somewhat new ad-supported Outlook replacements. I firmly believe we shouldn't block ads that help support products we use, but I know I'm somewhat alone in feeling that way.

I can also see this being used to help Google Apps accomplish for multiple browsers what I mentioned I hope would happen with Chrome alone: extensions to make Apps easier to use and more powerful.

I'm off to download this and start tinkering. I'm especially anxious to see what they've done to limit my ability to get at core computer functions like, oh let's say, formatting the HDD, or perhaps something higher level like peeking at address books or zombifying the computer for use in botnet attacks or spamming.

Seriously, I wonder how secure this will all be; the implications of a hole could be rather
large.
-johnnie

Secure: not at all.
Implications of a hole: very real.

In the "For More fun" section of the WhatToTest page, they suggest coders attempt to defeat the security (which they admit is not complete), and break out of the "inner sandbox" and execute system calls...

Aren't we getting closer to an o/s here, too.
-engine

OS would imply you could boot the machine up with it. I don't see it having that functionality. It appears more like it makes the browser into a shell, but needs the OS for low level functions, (disk/device read/write, I/O, etc).

If it isn't broken...

Sure. But what if it is?

Now they've got me curious.
Mainly because I've done a lot with HTA's (Microsoft Internet Explorer Hyper-Text-Application)

Providing a way for the browser to form a bridge between the OS and the net is an old idea. IBM developed something along those lines also, but I forget the name of it. (Dead and buried now, anyway.)
However, what level of security can be acheived, I don't know.

Anybody actually download and play around with this? (I'm a little afraid, I have to admit. I'll do it on my "anything goes" test machine.)

Wasn't Java supposed to do this for us?
- browser independent
- cross platform
- runs code on client machine

java is going to do this for us, atlast

meeet java FX.

[edited by: J_RaD at 5:34 am (utc) on Dec. 17, 2008]