RockSalt Could Pave Way to Safe Native Apps in Browsers

News
By published

Researchers at Harvard University say that 80 lines of code are enough to make sure that browser can run native machine code without be exposed to hacker attacks.

RockSalt is tiny app designed to run on systems with x86 processors that will verify code that accesses a wide range of computer features, but will remain in its sandbox and adhere to a secured environment. The name of the program is a word play referring to Google's Native Client for Chrome, short NaCl. In a chemical view, NaCl stands for sodium chloride, commonly known as tablet salt.

Google was first to use NaCl to allow developers to run native code in Chrome, and not just via JavaScript. However, due to vulnerabilities, NaCl's pace was slowed. According to the Harvard researchers, Rocksalt is a "simple but incredibly powerful system" with no know vulnerabilities that guarantees that native code designed targeted at a browser, in fact, is secure before the code is run. Compared to Google's 600 lines of code, RockSalt has only 80 and is claimed to be significantly faster.

“The biggest benefit may be that users can have more peace of mind that a piece of software works as they want it to," said Greg Morrisett, professor of Computer Science at the Harvard School of Engineering and Applied Sciences. "For users, the impact of such a tool is slightly more tangible; it allows users to safely run, for example, games, in a web browser without the painfully slow speeds that translated code traditionally provides."

Google funded the project at Harvard, but was not involved in the development of RockSalt otherwise. the researchers said that the researchers expect that their tool "might end up being adopted and integrated into future versions of common web browsers." Morrisett noted that there are plans plans to "adapt the tool for use in a broader variety of processors."

Contact Us for News Tips, Corrections and Feedback

9 Comments Comment from the forums
  • alidan
    so... a condom for internet code... and its getting thinner... sounds good to me.
    Reply
  • f-14
    this was so poorly written all mr. perry's diplomas from what ever schools they went to need to be revoked asap!
    Reply
  • JOSHSKORN
    f-14this was so poorly written all mr. perry's diplomas from what ever schools they went to need to be revoked asap!This is why I come to Toms to read the comments and not really the articles. Seems like when I do read articles on Toms, I need to print out the article and bust out my red pen to make corrections, then draw a happy, straight, or sad face on the top with a letter grade.
    Reply
  • chewy1963
    Quote - "In a chemical view, NaCl stands for sodium chloride, commonly known as tablet salt. "

    Really TABLET salt? Is that anything like TABLE salt? Oh I get it, it's like table salt but smaller and uses less power, right?
    Reply
  • OS X Mountain Lion available now

    http://www.techatron.net/2012/07/os-x-mountain-lion-available-now.html
    Reply
  • ojas
    In a chemical view, NaCl stands for sodium chloride, commonly known as tablet salt.
    table*

    with no know vulnerabilities
    known*

    Second one's nitpicking, first one's just funny on a tech site :D :P
    Reply
  • freggo
    I bet if there was a quick and easy way to edit one's posts a lot of errors would be caught and fixed my the respective authors.
    Reply
  • eddieroolz
    Compared to Google's 600 lines of code, RockSalt has only 80 and is claimed to be significantly faster.freggoI bet if there was a quick and easy way to edit one's posts a lot of errors would be caught and fixed my the respective authors.
    Indicative of Google's incredibly wasteful coding as seen on Android....
    Reply
  • v90k
    f-14this was so poorly written all mr. perry's diplomas from what ever schools they went to need to be revoked asap!
    If this article is poorly written, then what do you call this ^^
    Reply