CircleID

Google Chrome is a lot more than a next generation browser; it's a prototype Cloud Operating Environment.

Rather than blathering on to the blogosphere about the superficial features of Google's new Chrome browser I've spent some time studying the available material and [re]writing a comprehensive Wikipedia article on the subject which I intend for anyone to be free to reuse under a Creative Commons Attribution 3.0 license (at least this version anyway) rather than Wikipedia's usual strong copyleft GNU Free Documentation License (GFDL). This unusual freedom is extended in order to foster learning and critical analysis, particularly in terms of security.

My prognosis is that this is, without a doubt, big news for cloud computing, and as a CISSP watching with disdain at the poor state of web browser security, big news for the security community too. Here's why:

Surfing the Internet today is like unprotected sex with strangers; Chrome is the condom of the cloud.

The traditional model of a monolithic browser is fundamentally and fatally flawed (particularly with the addition of tabs). Current generation browsers lump together a myriad trusted and untrusted software (yes, many web sites these days are more software than content) running in the same memory address space. Even with the best of intentions this is intolerable as performance problems in one area can cause problems (and even data loss) in others. It's the web equivalent of the bad old days where one rogue process would take down the whole system. Add nefarious characters to the mix and it's like living in a bad neighbourhood with no locks.

Current generation browsers are like jails without cells.

Chrome introduces a revolutionary new software architecture, based on components from other open source software, including WebKit and Mozilla, and is aimed at improving stability, speed and security, with a simple and efficient user interface.

The first intelligent thing Chrome does is split each task into a separate process ('sandbox'), thus delegating to the operating system which has been very good at process isolation since we introduced things like pre-emptive multitasking and memory protection. This exacts a fixed per-process resource cost but avoids memory fragmentation issues that plague long-running browsers. Every web site gets its own tab complete with its own process and WebKit rendering engine, which (following the principle of least privilege) runs with very low privileges. If anything goes wrong the process is quietly killed and you get a mac-style sad tab icon rather than an error reporting dialog for the entire browser.

Chrome enforces a simple computer security model whereby there are two levels of multilevel security (user and sandbox) and the sandbox can only respond to communication requests initiated by the user. Plugins like Flash which often need to run at or above the security level of the browser itself are also sandboxed in their own relatively privileged processes. This simple, elegant combination of compartments and multilevel security is a huge improvement over the status quo, and it promises to further improve as plugins are replaced by standards (e.g. HTML 5 which promises to displace some plugins by introducing browser-native video) and/or modified to work with restricted permissions. There are also (publicly accessible) blacklists for warning users about phishing and malware and an "Incognito" private browsing mode.

Tabs deplace windows as first class citizens and can migrate between them like an archipelago of islands.

The user interface follows the simplification trend, and much of the frame or "browser chrome" (hence the name) can be hidden altogether so as to seamlessly blend web applications (e.g. Gmail) with the underlying operating system. Popups are confined to their source tab unless explicitly dragged to freedom, the "Omnibox" simplifies (and remembers) browsing habits and searches and the "New Tab Page" replaces the home page with an Opera style speed dial interface along with automatically integrated search boxes (e.g. Google, Wikipedia). Gears remains as a breeding ground for web standards and the new V8 JavaScript engine promises to improve performance of increasingly demanding web applications with some clever new features (most notably dynamic compilation to native code).

Just add Linux and cloud storage and you've got a full blown Cloud Operating System ("CloudOS")

What is perhaps most interesting though (at least from a cloud computing point of view) is the full-frontal assault on traditional operating system functions like process management (with a task manager that allows users to "see what sites are using the most memory, downloading the most bytes and abusing (their) CPU"). Chrome is effectively a Cloud Operating Environment for any (supported) operating system in the same way that early releases of Windows were GUIs for DOS. All we need to do now is load it on to a (free) operating system like Linux and wire it up to cloud storage (ala Mozilla Weave) for preferences (e.g. bookmarks, history) and user files (e.g. uploads, downloads) and we have a full blown Cloud Operating System!

By Sam Johnston, Director, Cloud & IT Services at Equinix. Visit the blog maintained by Sam Johnston here.

Related topics: Cloud Computing, Malware, Web