Re: Sandbox

Apps (native/web) need direct access to bare metal.

Browser vendors need to move away from the "we do all the thinking and designing and implementing" top-down model of innovation.

Browser vendors need to provide minimal core OS APIs and get out of the way and let open source grow around and do the rest.

For too long now the typical response to this kind of proposal has been "how do you propose solving the security problems?"

That is to say, we should not do any of this unless we can perfectly solve the security problems. As if they can be perfectly solved.

And so our most perfect solution has been to completely cripple web apps:

No TCP.

No UDP.

No POSIX.

No Hardware.

Tim Berners-Lee raised this point first awhile back on Public Web Apps: http://lists.w3.org/Archives/Public/public-webapps/2012JanMar/0464.html

As a user, I want to write a web app. I trust it. I want to give it UDP, TCP and POSIX anointing. I want it to use the resources of my machine to act on my behalf and assist me in my work. The browser won't let me. Why?

Received on Monday, 17 September 2012 12:22:16 UTC