Comments on: Perspective Is Not A Liquid Asset

By: Chrome 2.0: Bam! | Continuing Intermittent Incoherency

Chrome 2.0: Bam! | Continuing Intermittent Incoherency — Thu, 21 May 2009 21:01:55 +0000

[...] As I’m sure all the blags will be a-twitter with shortly, Chrome 2.0 is now out to everyone, and it’s even faster. Yes, V8 got some polish (new compiler infrastructure FTW!), but the big speed news from my perspective are in other parts of the browser. Chrome 2.0 moves fully away from the Windows networking stack to Chrome’s faster networking infrastructure and includes changes to allocators that make the DOM go like hell compared to previous releases. There’s lots of great feature work in 2.0, of course, but now’s not the time for us to bury the real story: Chrome, fast as it was, just got even faster. Thanks to silent auto-update, it’ll even make the web faster faster. [...]

By: WebDevGeekly » Blog Archive » Episode 13

WebDevGeekly » Blog Archive » Episode 13 — Fri, 08 May 2009 04:46:03 +0000

[...] Alex on Chrome Security model * [...]

By: Joe Walker

Joe Walker — Wed, 06 May 2009 07:47:35 +0000

I’m interested to know if the “System administrator for large organizations” case really should be treated differently.

I think for many admins, the risk of being sacked as a result of breaking something outweighs the risk of being sacked from a security breach. The security breach is easier to blame on someone else.

I’m of the belief that ‘undo’ is a better model.
http://directwebremoting.org/blog/joe/2009/02/04/undoable_silent_autoupdate.html

(Aaron’s point about making access to user data harder is a true, but surmountable problem, and a price that is worth paying to keep the maximum number of people on the latest version.)

By: alex

alex — Tue, 05 May 2009 23:47:02 +0000

mikeal:

I’m not so sure about that…being open source lets a small group of people determine if something is good or not, but it doesn’t automatically create a motivation for those people to go and dig in and spend their time doing so. The white lie of Open Source is that while many eyes may make all bugs shallow, most eyes are worthless (have zero bug-finding value) and that the ones that are valuable are much more likely to look if there is some benefit to them for doing so.

As someone who builds OSS software for a living, I don’t know that I could distinguish a “good” update from a “bad” update via any mechanism other than the one employed by OSS software updates: does it hurt the canary users? If not, it’s likely safe. There’s more to the evil/non-evil decisions in Chrome than the decision to release source, and I think there’s real room here for closed source products to benefit from the same mechanism. They might need to work harder to build the trust required to make the auto-updater a good idea, but that’s just down to building a good product. No development model has a monopoly on that.

Regards

By: alex

alex — Tue, 05 May 2009 22:14:45 +0000

Sorry, Glen. Updated now.

= \

By: mikeal

mikeal — Tue, 05 May 2009 21:42:19 +0000

I think this system *only* works when the product is open source.

I have an immediate objection to blindly installing binary blobs of closed source software regardless of who the publisher is. I can’t count the number of times Microsoft security updates have introduced additional security problems. This is why so many large organizations dislike this model.

What makes me really love what Chrome has done is that it’s open source and you can easily turn it off the updater. But it defaults to a model of increased security and, for those that care, transparency is offered to the updates through viewing the source.

By: Glen Murphy

Glen Murphy — Tue, 05 May 2009 21:40:58 +0000

SPELLING!