As of last week, I’m now officially a member of the WebKit team – or at least they were annoyed with enough of my fixes that they decided I should be able to checkin on my own. I wish I had tons of time to do more work on WebKit. Hopefully I will free up soon.
The headline may sound like a joke, but it certainly is not. While the European Union stews over whether Microsoft should be forced to bundle competing browsers (like Chrome, Opera or Firefox), Microsoft is proposing the opposite. “Fine”, Microsoft has conceded. “If it’s not our browser, then users don’t get any browser. Happy now?”
Personally, I don’t think Windows will ever ship without a browser. But I’m pretty happy with the proposal, because distributors will pick up the slack by bundling a browser that makes sense (e.g. the browser vendor that paid the most).
And of course, we can’t ignore the irony. 10 years ago, when Microsoft was killing Netscape, Bill Gates himself testified that the browser could not technically be removed. It couldn’t be done. Here we are 10 years later, when it’s a little more convenient, and now, well, turns out it can be done!
Chrome 2.0 shipped out of beta today.
The New York Times seems to like it.
Here’s the simple how-to guide for voting on Tuesday.
Prop 1A – NO
This confused proposition claims to limit state spending, but the first thing it does is create a “rainy day slush fund” to the tune of ~$16B. There are only 28M Californians, folks. That means taxes of $571 from every man, woman and child in the state. But since only 18M of those people want to work, and another 11.5% are unemployed, each worker will get hit with ~$968! Yes, we should limit state spending. As far as I can tell, this is an increase in spending.
Prop 1B – NO
California has not been able to pass a budget largely because legislators have their hands tied. Propositions like 1B mandate spending in certain areas without consideration for future events. When crunch time hits, legislators need maneuverability. We cannot predict the future, and guaranteed spending always hurts. Experts agree this will be roughly a $10B tax increase starting in 2011. Further, in order for this law to work, you need to vote yes on 1A.
Prop 1C – NO
The proposition calls itself a “lottery modernization act”, but really it is a loan from the lottery to the state for $5B to cover more spending. This would also make lottery profits no longer guaranteed for education. We don’t need more loans for the state to pay back later.
Prop 1D – NO
Redirects funding from 1998’s Proposition 10 so that funding can be used for purposes other than what was designed in 1998. This is a great example of why propositions are a bad idea. In 1998, Prop 10 passed. But now, the state is in a jam and wants the money to use for something else. Let’s repeal Prop 10 altogether, not amend it to create more crazy spending plans.
Prop 1E – NO
Like Prop 1D, this proposition is redirecting funds to new purposes. Prop 1E proposes to change the funding plan for 2004’s Proposition 63, which guaranteed funding for certain mental health services. Now, the state is in a jam and wants to spend it on something else. Like with Prop 1D, let’s just eliminate Prop 63 rather than create more complications in our budget.
Prop 1F – NO
This law would prevent salary increases for legislators when there is a deficit. I don’t disagree, but we don’t need such a stupid law. It has trivial effect on our overall state economy, and we should be more strict about balancing the budget rather than creating penalties for deficits.
Conclusion
The cheat sheet for this year’s election is simple. NO. NO. NO. NO. NO. NO. Get the pattern?
Several of the propositions are about changing earlier propositions (the lottery, prop 10, and prop 64) so that we can balance the budget by using those guaranteed funds for new purposes. I agree we need to unlock funds so that we can balance our budget. But creating new, cockamamie laws isn’t the answer. Let’s repeal the guaranteed spending initiatives altogether.
I’ll be presenting as part of a discussion called What Makes Browsers Performant at the Velocity 2009 Conference, on June 23rd. I’ve got limited time, but I’ll give an overview of how we approach performance in Google Chrome, detail some of the key areas in performance which make Chrome stand out, share some performance numbers never before shared, and hopefully squeeze in a must-see demo or two.
I’m a developer, not a marketer, so this will be an entertaining, technical talk, with no spin and no “marketecture”! As a bonus, I promise to tell at least 2 good jokes. If you don’t laugh, you get your money back. Ok - that’s not true, ask the conference people about that.
If you haven’t signed up yet for Velocity you can use the coupon code VEL09FSP to get a 15% discount on tickets.
Today I turned off all email notifications from Twitter. Twitter has been getting so much press, you’d think it was a must-have service. I don’t get it. Not only do I not want to know what Ashton Kutcher has to say, I don’t even care. But that is another story.
Lately I’ve been getting lots of twitter followers that I don’t even know. At first I wondered why, but now I believe this is just another type of spam. Every follow creates an email notice out to the person being followed. Some percentage of those will follow the link. This is just twitter’s bird droppings – SPAM.
Anyway, all email notifications from twitter are now off.
At the CanSecWest conference each year they conduct a hacking competition (pwn2own). Security professionals compete to get malware onto a machine faster than anyone else. The contestant can pick the browser that they wish to attack.
At this year’s conference, every major browser including IE8, Firefox, and Safari were all hacked over a 3 day period. The only browser which was not hacked was Chrome. One of the winners of the contest had some interesting things to say about why Chrome was not hacked.
Chrome’s “sandbox” is not an accident; it was designed for this case. Each web page runs in a renderer process, and that process has no privileges on the OS, so it cannot write to disk or talk to the network. With all of the browsers being hacked, it’s fair to assume that hackers will find flaws in any browser. Avoiding flaws is key, but the sandbox ensures that those flaws are contained to some degree. It is much harder to do persist damage to the machine after the flaw has been exploited because the process can’t touch the network or disk. While IE8 also uses multiple processes, it does not implement a sandbox, so it is vulnerable in similar ways to single process browsers. Don’t get me wrong, the sandbox is not perfect, I’m sure someone will find an exploit. But it does make Chrome harder to break into. Plugins will be a vulnerability, as they cannot yet operate in a sandboxed environment (Flash, for instance, requires access to the OS in order to run).
More news:
IE8, Firefox, Safari Owned by 0-Day Vulnerabilities, Chrome Survives Intact
Chrome last browser standing after day one of Pwn2Own
Internet Explorer 8 Gets Hacked, Already
IE8 shipped yesterday! If you use Microsoft’s Internet Explorer, this browser is a must download. As this performance test from ZDnet shows, Microsoft has made fantastic progress between IE7 and IE8. IE8 is solidly 5 times faster than it’s predecessor, and it is also much more compatible with rendering sites on the web.
Several articles have been written about the latest in Javascript performance. Here are some interesting points:
DownloadSquad:
“Chrome 2 beats Safari 4 like a rented mule”
Also interesting is that Firefox’s Tracemonkey Javascript engine may be falling behind. Numerous articles have opined that Firefox 3’s ship date is in jeopardy due to Tracemonkey related bugs. But new data also confirms that Javascript in Firefox 3.1 beta 3 is markedly slower than Firefox 3.1 beta 2. The performance loss is palpable – Firefox lost 20% in performance from beta 2 to beta 3. The problem may be that as the bugs have piled up in Tracemonkey, the fixes to ensure stability have eroded the performance gains initially boasted by the team. It will be interesting to see Firefox’s final performance numbers when it ships out of beta.
In JavaScript, nothing is private, right? Sort of. One mechanism for creating classes with hidden member variables is to leverage Javascript’s lexical scoping. Lexical scoping means that a function’s scope is defined where it is declared, rather than where it is executed.
Here is a quick example which effectively creates a private member called “private_”:
A question which comes to my mind is whether or not this is fast. After all, if you’re going to have an object with methods, wouldn’t using prototypes be better?
Here is an alternate implementation:
In this implementation, private_ is no longer private and can be accessed externally. However, the constructor for PrivateClass() is much simpler as the methods are assigned to the prototype once, and then reused.
So I wrote a quick benchmark to test creation of these objects and access time of these objects (these operations are fast, so I measured 20,000 iteration loops). Using Chrome 2.0, here are the results:
| creation time | access time | |
| via Lexical Scoping | 122.2ms | 0.18ms |
| via Prototype | 11.3ms | 0.18ms |
So, if you are creating a few objects, and using them for a long time, either approach works well. But, if you are churning through many objects over time, using lexical scoping to hide private members is substantially more expensive than using prototype methods on an object.
