1 00:00:09,850 --> 00:00:15,180 so i i'm martin robinson and i mean a gully and they work and what 2 00:00:15,180 --> 00:00:15,550 can 3 00:00:16,110 --> 00:00:16,760 and i 4 00:00:18,040 --> 00:00:21,420 so they wanna talk was it about the work we've been doing with like a 5 00:00:21,420 --> 00:00:28,500 G D K and especially i'm gonna focus on some practical things for people who 6 00:00:28,500 --> 00:00:29,470 in bed but okay 7 00:00:30,520 --> 00:00:34,110 some changes you'll have to make if you for your application directly to 8 00:00:35,140 --> 00:00:40,440 i just wanna say like to preface this talk by saying that for us to 9 00:00:40,440 --> 00:00:41,670 make a G T K this 10 00:00:43,350 --> 00:00:48,740 this table really celebrity was really a revolutionary step in the development of the library 11 00:00:48,740 --> 00:00:52,260 rather than on an evolutionary step really changed 12 00:00:53,490 --> 00:00:55,960 one of the characteristics of the library so 13 00:00:56,430 --> 00:00:58,300 we're actually really excited about it 14 00:01:00,250 --> 00:01:04,170 so i suppose there with a quick review for those of you who aren't 15 00:01:04,920 --> 00:01:07,930 intimately familiar with like it talk little bit about 16 00:01:09,220 --> 00:01:11,500 what is what it is for so 17 00:01:12,500 --> 00:01:13,300 what it is 18 00:01:14,830 --> 00:01:18,870 is what's referred to as a web content engine which basically means if you have 19 00:01:18,870 --> 00:01:21,160 a web browser everything inside 20 00:01:21,730 --> 00:01:23,830 inside the chrome in that little box 21 00:01:24,200 --> 00:01:29,600 is rented web content and that's what the libraries responsible for 22 00:01:30,130 --> 00:01:33,800 as well as some ways in which that content touches the outside world 23 00:01:36,360 --> 00:01:42,580 so right it processes in renders web content and processing includes both parsing the H 24 00:01:42,580 --> 00:01:46,550 T M L and the C S in rendering it as well as running the 25 00:01:46,550 --> 00:01:47,310 java script 26 00:01:48,690 --> 00:01:49,030 so 27 00:01:50,220 --> 00:01:54,180 it was started as a for kick H T M L and for a little 28 00:01:54,180 --> 00:01:59,480 while it was closed source but eventually with open source and two thousand five and 29 00:02:00,560 --> 00:02:04,560 on the page one of the goals of the project is actually that it's open 30 00:02:04,560 --> 00:02:05,410 source that it's 31 00:02:06,430 --> 00:02:10,380 this is usable and visible to everyone 32 00:02:10,920 --> 00:02:18,940 as well as these to sort of companion goals compatibility in compliance compatibility meaning that 33 00:02:18,940 --> 00:02:24,990 there's a lot of content on the web and that the engine should be able 34 00:02:24,990 --> 00:02:26,120 to render that content 35 00:02:26,730 --> 00:02:29,480 it shouldn't break websites that exist 36 00:02:30,490 --> 00:02:35,040 the actually the their criteria for breaking websites 37 00:02:35,470 --> 00:02:40,380 it has to be something very important and websites have to be a very small 38 00:02:40,380 --> 00:02:45,190 percentage of other sites on the internet for instance on the blink mailing list recently 39 00:02:45,190 --> 00:02:49,310 they were talking about removing the feature and the feature was use on something like 40 00:02:49,310 --> 00:02:50,090 point 41 00:02:50,840 --> 00:02:54,500 a percent of websites and some was like that's a lot 42 00:02:54,880 --> 00:02:58,860 and it is a lot when you have millions and millions of pages that's a 43 00:02:58,860 --> 00:02:59,490 lot of pages 44 00:03:00,020 --> 00:03:05,600 so the other part of this is compliance which means that the engine should be 45 00:03:05,600 --> 00:03:06,430 should be 46 00:03:07,510 --> 00:03:09,460 compliant with the specs 47 00:03:10,340 --> 00:03:16,580 and is a kind of a competing goals away because sometimes to be compatible with 48 00:03:16,580 --> 00:03:22,250 pages you need to not be compliant with the spec so it's always this kind 49 00:03:22,250 --> 00:03:24,790 of back and forth conversation we have 50 00:03:25,660 --> 00:03:32,180 obviously stability performance are important because the web browser should be fast and it shouldn't 51 00:03:32,180 --> 00:03:32,730 crash 52 00:03:33,510 --> 00:03:38,830 also security which all talk a little bit about more about the security issue is 53 00:03:38,830 --> 00:03:43,810 very important portability it should be written in a way that's that makes it useful 54 00:03:43,810 --> 00:03:50,410 a lot of systems not just a mac not just intel computer usability in package 55 00:03:50,410 --> 00:03:54,750 that would be and hack ability is really a statement about the quality of the 56 00:03:54,750 --> 00:04:00,130 code the code to be written in a way that's easily readable easily changeable 57 00:04:00,410 --> 00:04:04,740 it should be abstracted away and in the right amount not too much not to 58 00:04:04,740 --> 00:04:08,180 will just enough to make it easily hack able 59 00:04:09,170 --> 00:04:13,010 you never wanted to be a pain to have to go change the code to 60 00:04:13,010 --> 00:04:13,520 fix about 61 00:04:14,720 --> 00:04:18,030 any time there's a barrier in the way that means less bugs will be fixed 62 00:04:18,930 --> 00:04:23,520 and then they also stay on the website some non goals which is in some 63 00:04:23,520 --> 00:04:32,990 sense equally important because sometimes you shouldn't be turning this wiring tool for web browser 64 00:04:32,990 --> 00:04:36,110 it's not meant to be able web browser it's meant to be a component it's 65 00:04:36,110 --> 00:04:37,890 reusable inside webbrowsers 66 00:04:38,780 --> 00:04:42,300 so they need to be a dividing line between what features go in the library 67 00:04:42,300 --> 00:04:46,890 what features belong in the embedding application recline 68 00:04:48,850 --> 00:04:53,190 it's also not a science project it should be which means that it should be 69 00:04:53,190 --> 00:04:57,490 relevant to what exists in the world today it's made to render web content that 70 00:04:57,490 --> 00:05:02,500 exists it shouldn't necessarily be place to experiment with things the 71 00:05:03,040 --> 00:05:09,050 people will never user are important right now those things can be worked out in 72 00:05:09,050 --> 00:05:10,290 what you can meet them halfway 73 00:05:12,550 --> 00:05:18,350 the third thing here is it's not meant to be split into a bunch of 74 00:05:18,350 --> 00:05:23,480 reusable components which is kind of and sometimes in contrast work with going on because 75 00:05:23,480 --> 00:05:27,200 a lot of times in get home when we see that there's a piece of 76 00:05:27,200 --> 00:05:30,320 going on that's useful for a lot of other tools suisse you know split into 77 00:05:30,320 --> 00:05:33,870 a library and web get the fourth is a little different you know 78 00:05:34,330 --> 00:05:38,400 every time you split a something out to library there's some overhead and maintaining that 79 00:05:38,400 --> 00:05:39,580 you have more consumers 80 00:05:39,990 --> 00:05:42,120 so it's a little it's a little bit more 81 00:05:43,160 --> 00:05:47,410 i guess like of a hermit community you know where together working on this thing 82 00:05:47,410 --> 00:05:47,670 and 83 00:05:48,770 --> 00:05:51,040 you don't always wanna likes but also means we can 84 00:05:53,720 --> 00:05:58,900 right so another the interesting about what is it split into things called ports 85 00:05:59,920 --> 00:06:01,240 and 86 00:06:01,600 --> 00:06:04,600 you can kind of see what is going there's a T K pork important you 87 00:06:04,600 --> 00:06:08,660 know for a mac and windows for tutors on safari import so 88 00:06:10,770 --> 00:06:11,750 are essentially 89 00:06:13,550 --> 00:06:16,740 the common web get code which is most of the code is common 90 00:06:17,550 --> 00:06:21,420 in some layer at the bottom which abstracts away the platform 91 00:06:22,440 --> 00:06:26,560 for instance networking or how to draw to a campus 92 00:06:27,370 --> 00:06:29,560 how to talk to system 93 00:06:30,450 --> 00:06:34,210 and then that's at the bottom and then at the top is the api there 94 00:06:34,650 --> 00:06:37,970 the egg i layer is what the embedding application uses 95 00:06:38,540 --> 00:06:42,250 and way web "'cause" is design is the every and there is a little different 96 00:06:42,250 --> 00:06:44,380 so for instance for the wreckage indicate for 97 00:06:45,870 --> 00:06:50,810 in the problem later we use once you for networking use cover restoration opengl for 98 00:06:50,810 --> 00:06:56,050 making the scene raffles will talk more about later web gel injuries you refer media 99 00:06:56,710 --> 00:07:01,680 and what gets made in such a way that these components 100 00:07:02,460 --> 00:07:05,120 in most of the web get code are totally abstracted away 101 00:07:05,690 --> 00:07:10,800 into a wrapper classes that had the same semantics whether you're writing on a mac 102 00:07:10,800 --> 00:07:14,760 or on for G T K and anytime the semantics differs it's kind of like 103 00:07:14,760 --> 00:07:17,300 a little bug that needs to be fixed usually 104 00:07:18,160 --> 00:07:23,690 there's always a little tricky bits of getting the semantics of different platforms of to 105 00:07:23,690 --> 00:07:24,200 match up 106 00:07:24,770 --> 00:07:28,930 because a C G canvas core graphics isn't necessarily the same as a cover canvas 107 00:07:29,540 --> 00:07:34,180 for instance in cairo used or the path on the canvas but it's a little 108 00:07:34,180 --> 00:07:36,860 different in some other platforms 109 00:07:37,360 --> 00:07:37,770 so 110 00:07:38,920 --> 00:07:42,760 and then at the top of like a G D K there is the A 111 00:07:42,760 --> 00:07:47,430 P I later which is essentially a single a G T K widget the website 112 00:07:47,430 --> 00:07:52,420 web you that would you that is the browser went the window into the web 113 00:07:52,420 --> 00:07:56,040 content and some G I D K P Is around that 114 00:07:58,120 --> 00:08:02,480 and some of the consumers of repeated a game betters are epiphany but or you 115 00:08:02,480 --> 00:08:06,010 know that so maybe you're familiar with these is applications 116 00:08:08,800 --> 00:08:13,340 okay so here's an example of what i was talking about so this is a 117 00:08:13,340 --> 00:08:14,330 so simple by 118 00:08:15,900 --> 00:08:21,820 architecture diagram of what can and at the bottom there's this thing called the media 119 00:08:23,000 --> 00:08:25,750 which is essentially a little bit like booze 120 00:08:26,200 --> 00:08:27,330 it's like a 121 00:08:29,270 --> 00:08:34,270 i it wraps it makes it was a little nicer to use include some collections 122 00:08:34,270 --> 00:08:37,480 some platform abstractions abstracts away like threads 123 00:08:38,130 --> 00:08:40,290 and javascript for 124 00:08:41,140 --> 00:08:46,950 which is the javascript engine and these days another blankets for jobs to for is 125 00:08:46,950 --> 00:08:48,950 the only just in general it 126 00:08:49,920 --> 00:08:51,390 and sitting on top of that is 127 00:08:52,670 --> 00:08:57,880 so what for which includes a platform layer and the rest of web for and 128 00:08:57,880 --> 00:09:02,950 i'm separating those because again the platform layer are our classes that rap 129 00:09:03,380 --> 00:09:08,440 cairo for instance where is the rest of web for are 130 00:09:10,620 --> 00:09:13,760 is functionality that's common to all platforms 131 00:09:14,260 --> 00:09:15,840 like the functionality that takes 132 00:09:16,390 --> 00:09:19,180 a stream of data and parses out C S rules 133 00:09:20,330 --> 00:09:21,920 sitting on top of that is web kit 134 00:09:23,980 --> 00:09:24,580 which is 135 00:09:27,360 --> 00:09:30,370 how do i describe that a web get is sort of like 136 00:09:30,800 --> 00:09:33,450 the glue between web for 137 00:09:34,610 --> 00:09:35,930 and the browser 138 00:09:36,660 --> 00:09:42,400 so this includes the api layer but also includes some code for like 139 00:09:43,440 --> 00:09:48,010 handling different situations and sort of translating that into a pi concepts 140 00:09:48,860 --> 00:09:50,290 that's a little fuzzy but 141 00:09:51,840 --> 00:09:55,190 on top of that's it's the application 142 00:09:56,140 --> 00:09:56,520 and 143 00:09:57,730 --> 00:10:01,300 noticed it right now in this diagram again this is what get one these are 144 00:10:01,300 --> 00:10:06,280 all on the same process this is just a normal library 145 00:10:08,980 --> 00:10:09,550 so 146 00:10:10,140 --> 00:10:14,340 before i start talking about web get to i just wanna talk a little bit 147 00:10:14,340 --> 00:10:20,010 of a little bit about the motivation for what get to so some minor philosophical 148 00:10:20,010 --> 00:10:20,460 point 149 00:10:21,560 --> 00:10:23,760 which i think is what 150 00:10:25,870 --> 00:10:31,770 the thinking that drove the creation of chromium and draw the creation but get to 151 00:10:33,390 --> 00:10:34,090 and i 152 00:10:35,180 --> 00:10:37,000 means that this is the future of the way 153 00:10:37,700 --> 00:10:38,180 so 154 00:10:39,370 --> 00:10:41,740 code has about this they crash the program 155 00:10:43,260 --> 00:10:44,180 or just bucks 156 00:10:44,680 --> 00:10:45,670 all got has boats 157 00:10:46,870 --> 00:10:50,540 and colours bugs that allow arbitrary code execution 158 00:10:51,500 --> 00:10:51,980 which 159 00:10:53,250 --> 00:10:54,430 especially if 160 00:10:54,980 --> 00:10:56,970 that code includes 161 00:10:58,770 --> 00:11:01,000 a java script engine that's 162 00:11:01,890 --> 00:11:03,780 writing machine code into memory 163 00:11:06,220 --> 00:11:10,020 and not only just what happens cut has dependencies that have bugs 164 00:11:10,950 --> 00:11:19,350 so maybe you've written perfect code but you're using library like phone configure higher that 165 00:11:19,350 --> 00:11:19,900 has a bug 166 00:11:21,070 --> 00:11:22,120 one of these buttons 167 00:11:23,670 --> 00:11:30,270 and four point is even if everything was looking good live the your code the 168 00:11:30,270 --> 00:11:31,040 dependencies 169 00:11:32,140 --> 00:11:34,360 you're gonna be processing 170 00:11:35,440 --> 00:11:41,160 things from though from the world that you don't trust their like little programs france 171 00:11:41,340 --> 00:11:47,660 and images S V G images and these are all like small set of instructions 172 00:11:47,660 --> 00:11:53,500 that mean that the scope of the data your processing is why and in the 173 00:11:53,980 --> 00:11:56,660 the chance of writing a 174 00:11:57,260 --> 00:12:02,040 a font they can we can crash your browser actually i mean it's 175 00:12:03,380 --> 00:12:05,840 it's very hard to eliminate these problems 176 00:12:06,520 --> 00:12:06,970 so 177 00:12:07,540 --> 00:12:09,410 well it was a pragmatic response this 178 00:12:09,940 --> 00:12:11,750 i mean maybe you can say that 179 00:12:13,180 --> 00:12:17,220 that we're gonna work are gonna fix all the buttons in our browser so that 180 00:12:17,220 --> 00:12:19,680 it doesn't crash we're gonna eliminate these security issues 181 00:12:20,460 --> 00:12:24,430 but you also have them at the security issues in your dependencies you also have 182 00:12:24,430 --> 00:12:28,230 to work with sanitise in your input data which is very hard 183 00:12:28,910 --> 00:12:29,320 and 184 00:12:30,440 --> 00:12:35,400 instead we say yes that's keep working on fixing the crashes my browser but let's 185 00:12:35,400 --> 00:12:39,860 also say that if something goes wrong let's make sure that it doesn't 186 00:12:40,640 --> 00:12:42,510 we've our users vulnerable to attack 187 00:12:43,780 --> 00:12:44,310 so 188 00:12:44,910 --> 00:12:50,330 for instance when we talk about arbitrary code execution one thing to keep in mind 189 00:12:50,330 --> 00:12:50,780 is that 190 00:12:52,710 --> 00:12:55,490 is it these days web applications 191 00:12:56,220 --> 00:12:59,750 are our applications they're like 192 00:13:00,280 --> 00:13:04,760 they're like just up applications now and not only other like that stuff publications like 193 00:13:04,760 --> 00:13:07,760 you might be running you know angry birds in your browser and like i want 194 00:13:07,760 --> 00:13:12,890 side it is your banking information and maybe anger birds you know can reach over 195 00:13:12,890 --> 00:13:14,020 and touch your bank account 196 00:13:14,630 --> 00:13:18,620 and this isn't like a hypothetical situation this is this is things that actually happen 197 00:13:19,480 --> 00:13:21,540 so the web is huge remember 198 00:13:24,910 --> 00:13:26,270 so this is what we can do 199 00:13:29,440 --> 00:13:30,050 we can 200 00:13:30,570 --> 00:13:35,120 we can acknowledge at the web platform is huge in everyday it's getting bigger it's 201 00:13:35,120 --> 00:13:41,390 adding more functionality each and you add functionality add more chances for vulnerabilities for crashes 202 00:13:43,210 --> 00:13:46,470 and we can we can think of a way to make the crashes less 203 00:13:46,910 --> 00:13:48,490 inconvenient for users 204 00:13:48,980 --> 00:13:50,090 maybe instead of 205 00:13:51,740 --> 00:13:57,360 when the web rendering crashes it doesn't crash the browser we just crashes that's have 206 00:13:57,360 --> 00:13:58,270 or just crashes 207 00:13:58,750 --> 00:14:00,420 the web rendering part 208 00:14:00,940 --> 00:14:04,360 and we can prevent crashes from exposing 209 00:14:04,950 --> 00:14:11,850 crashes and screen doors from exposing data from outside the scope of the current page 210 00:14:12,180 --> 00:14:15,060 and the way we can get as we can put that data maybe 211 00:14:15,590 --> 00:14:21,800 in another address space words harder to get to put some more separation between the 212 00:14:21,800 --> 00:14:23,450 data of the different applications 213 00:14:26,350 --> 00:14:30,340 and we can also prevent bugs and crashes from damaging the system 214 00:14:31,020 --> 00:14:32,500 or executing arbitrary cut 215 00:14:34,420 --> 00:14:36,340 that's another name for sandbox 216 00:14:37,480 --> 00:14:43,090 so even if even if some paid crashes the browser you can try to that 217 00:14:43,090 --> 00:14:43,760 hard this 218 00:14:44,810 --> 00:14:46,500 because that process can try to the heart 219 00:14:49,210 --> 00:14:53,180 and finally even if we're not talking about a much just page are just talking 220 00:14:53,180 --> 00:14:56,700 about it a page that has a really heavy while 221 00:14:57,120 --> 00:15:01,640 it shouldn't prevent you from using other pages or clicking a menu it shouldn't prevent 222 00:15:01,640 --> 00:15:03,470 you from closing the browser to get away 223 00:15:05,170 --> 00:15:08,680 so this is a this is thinking that drives this because 224 00:15:09,560 --> 00:15:10,310 to be honest 225 00:15:10,760 --> 00:15:14,740 well get to and from in these are like very complicated architectures and 226 00:15:16,940 --> 00:15:19,110 and they deserve a good reason 227 00:15:22,930 --> 00:15:24,840 so this is the end result 228 00:15:26,900 --> 00:15:27,350 we can 229 00:15:28,650 --> 00:15:33,530 we can put each web rendering part into it's own process and have some pair 230 00:15:33,530 --> 00:15:34,290 process 231 00:15:34,650 --> 00:15:35,800 and we could to we call 232 00:15:37,030 --> 00:15:38,770 the web rendering process 233 00:15:39,180 --> 00:15:42,210 the web process we compare process they why process 234 00:15:42,570 --> 00:15:46,450 because the actual from of the browser is in this you are process 235 00:15:49,650 --> 00:15:51,690 and we can sandbox the web rendering 236 00:15:52,540 --> 00:15:56,370 because you know once you separate out the web are it's it doesn't need to 237 00:15:56,370 --> 00:15:59,100 write to the hard disk or even read from the hard disk 238 00:15:59,850 --> 00:16:02,810 and i'll talk a little bit more about 239 00:16:04,140 --> 00:16:06,160 how to make sam boxing easier later 240 00:16:07,460 --> 00:16:09,850 so this is sort of 241 00:16:10,300 --> 00:16:14,620 the first web could to architecture diagram a on the left you can see the 242 00:16:14,620 --> 00:16:20,480 older architecture diagram a little bit different but you see the api boundary was between 243 00:16:20,480 --> 00:16:24,460 the application with kit and here we have now two processes 244 00:16:25,120 --> 00:16:30,660 and the A P I is in the U I process but underneath that api 245 00:16:30,660 --> 00:16:36,750 it's talking the I P C the inter process communication to another process which has 246 00:16:36,750 --> 00:16:38,100 the rest of the library 247 00:16:39,150 --> 00:16:43,230 so even if this web trust what web process crashes it's not gonna be able 248 00:16:43,230 --> 00:16:44,770 to crash the browser 249 00:16:46,260 --> 00:16:51,020 or indeed read arbitrary information from the address space 250 00:16:51,490 --> 00:16:52,700 of the U I process 251 00:16:54,780 --> 00:16:59,040 and the foregoing are there any questions about this particular "'cause" 252 00:17:00,530 --> 00:17:06,510 okay reasonable is it a pretty old concept of this point since programs around for 253 00:17:06,510 --> 00:17:07,190 a few years 254 00:17:08,110 --> 00:17:13,960 so to teach you details about what's inside which i think i put this here 255 00:17:13,960 --> 00:17:17,490 to make it easier to understand the practical bits 256 00:17:18,060 --> 00:17:19,350 but 257 00:17:20,550 --> 00:17:25,480 essentially we have to process is now they need some way to communicate 258 00:17:26,530 --> 00:17:31,300 and i said is what those ways into three distinct 259 00:17:31,880 --> 00:17:39,050 one of the first is messaging so say D web process reads the browser title 260 00:17:39,800 --> 00:17:43,600 and then it needs to tell you i process that i've read the title you 261 00:17:43,600 --> 00:17:44,570 know change 262 00:17:44,900 --> 00:17:49,940 the title bar to reflect that sends a message with some arguments the arguments in 263 00:17:49,940 --> 00:17:54,970 the message or serialise into a chunk of data it sent across socket to the 264 00:17:54,970 --> 00:17:55,780 other side 265 00:17:56,370 --> 00:17:58,430 and then de serialise 266 00:17:58,990 --> 00:18:00,170 interpreted 267 00:18:00,820 --> 00:18:05,380 and there's also a shared memory which is used for sending big chunks of data 268 00:18:05,380 --> 00:18:10,710 like the what processes finish rendering the page to an image and sends that it's 269 00:18:10,710 --> 00:18:12,860 too big for this socket 270 00:18:13,350 --> 00:18:18,840 it sounds that as a target sure and memory you are process we avoid making 271 00:18:18,840 --> 00:18:20,480 unnecessary companies 272 00:18:21,110 --> 00:18:26,940 and the third is a shared services which are different the czech memory because is 273 00:18:26,940 --> 00:18:28,340 typically are on the gpu 274 00:18:29,700 --> 00:18:32,920 the what processes put something on a gpu you know what's the send it to 275 00:18:32,920 --> 00:18:37,180 the U I process without downloading the data from the gpu again 276 00:18:37,630 --> 00:18:39,520 putting in shared memory in the real putting it 277 00:18:40,170 --> 00:18:42,280 so for instance in 278 00:18:43,530 --> 00:18:47,960 in the X eleven version of repeated okay we use X composite and next damage 279 00:18:47,960 --> 00:18:55,230 sort of like we make a little window manager and we send these gpu services 280 00:18:56,080 --> 00:18:57,860 to the you i process to run 281 00:19:04,230 --> 00:19:07,830 and why do we have to do that that's because 282 00:19:09,400 --> 00:19:13,890 web pages these days more are just asking graphs like colour sing graphs 283 00:19:17,330 --> 00:19:23,020 for three main reasons the first is that we wanna prevent wanna prevent unnecessary redraw 284 00:19:23,020 --> 00:19:26,570 say like some D of is moving animating on top of the rest of web 285 00:19:26,570 --> 00:19:31,340 content only this dave is changing and maybe just only in the position so instead 286 00:19:31,340 --> 00:19:36,120 of constant reread redrawing entire page what if we just stored all the different layers 287 00:19:36,120 --> 00:19:40,960 of the page in the textures and just we can positive those textures on the 288 00:19:40,960 --> 00:19:44,950 gpu again and you use actually really good a composite it turns out so 289 00:19:45,970 --> 00:19:50,430 it it's quite fast you do of really and second thing is three C S 290 00:19:50,430 --> 00:19:55,860 transforms the way those work usually is that they're done on the gpu with a 291 00:19:55,860 --> 00:20:02,170 opengl and in so once you once you start doing work on the gpu it's 292 00:20:02,170 --> 00:20:06,470 really expensive just stop in bring it back into main memory 293 00:20:06,970 --> 00:20:10,590 only to re uploaded again so you can display it that's actually enough to kill 294 00:20:10,590 --> 00:20:12,250 your frame right so 295 00:20:12,870 --> 00:20:16,350 so it sort of a non starter to do that and the same with what 296 00:20:16,350 --> 00:20:21,070 you know web G obviously is opengl which is on a gpu downloading and again 297 00:20:21,070 --> 00:20:26,050 downing andrea pointing again will bring the frame rate below the 298 00:20:26,730 --> 00:20:28,490 the limits of the human eye so 299 00:20:31,100 --> 00:20:35,030 right so the way it works is that the scene graph is built in process 300 00:20:35,030 --> 00:20:37,350 in the web process and web process 301 00:20:38,110 --> 00:20:42,570 and what's the scene graph is there and all the rendering is there 302 00:20:43,030 --> 00:20:46,750 you the composing there you need some way to send those results to do i 303 00:20:46,750 --> 00:20:51,870 process and that's where X composite next damage comes and sort of like the way 304 00:20:51,870 --> 00:20:55,070 a application does all the rendering insensitive the window manager 305 00:20:56,020 --> 00:21:01,590 in the way this will work and lemon is probably that will use a 306 00:21:02,730 --> 00:21:05,690 and embedded women composite 307 00:21:08,500 --> 00:21:09,040 so working that 308 00:21:10,860 --> 00:21:12,720 alright so that sort of 309 00:21:14,340 --> 00:21:18,260 the high level overview of web get to and 310 00:21:20,160 --> 00:21:25,540 in you know we end up inventing work in a few places so some if 311 00:21:25,540 --> 00:21:26,800 you may be asking 312 00:21:28,000 --> 00:21:31,530 should i pour my application to web get to if you use what could U 313 00:21:31,530 --> 00:21:34,010 K or even any other port of work that and 314 00:21:34,610 --> 00:21:35,810 the answer is yes 315 00:21:36,890 --> 00:21:40,200 you should fortification with get to in fact 316 00:21:40,650 --> 00:21:42,920 even if you don't think it'll be useful 317 00:21:43,940 --> 00:21:44,940 the reason is 318 00:21:45,920 --> 00:21:49,860 okay G K is moving in the maintenance moon 319 00:21:50,090 --> 00:21:50,770 so 320 00:21:51,280 --> 00:21:54,660 it turns out that it takes a lot of work to maintain a web chip 321 00:21:54,660 --> 00:21:55,550 or so 322 00:21:56,220 --> 00:21:59,900 when your team has to maintain to it's a bit harder 323 00:22:01,920 --> 00:22:03,050 in addition 324 00:22:04,240 --> 00:22:07,580 what did you think it work it won't be deprecated at some point because once 325 00:22:07,580 --> 00:22:14,570 you start maintaining work it then you start wearing about security vulnerabilities and fixing bugs 326 00:22:15,070 --> 00:22:15,450 so 327 00:22:17,060 --> 00:22:21,530 the good thing about this is that web get to is a better api it's 328 00:22:21,530 --> 00:22:27,080 richer it exposes more functionality it's more in line with other web to web reports 329 00:22:27,080 --> 00:22:30,800 it just all around a better right guy because it's the second time around we 330 00:22:30,800 --> 00:22:32,820 made an A P I so we got a lot better at it 331 00:22:35,750 --> 00:22:39,370 and top of all that if you put your navigation web get to 332 00:22:39,690 --> 00:22:43,490 without doing anything other importing it will be faster more responsive 333 00:22:44,000 --> 00:22:46,340 when some random might kind then crashes 334 00:22:46,670 --> 00:22:52,050 but it won't crash or application you can just we started it's very nice 335 00:22:53,690 --> 00:22:54,170 alright 336 00:22:55,200 --> 00:22:58,560 but it's not necessarily easy 337 00:22:59,450 --> 00:23:01,020 for all use cases 338 00:23:02,780 --> 00:23:06,790 some of the problems are that there's not yet up or to porting guide which 339 00:23:06,790 --> 00:23:08,470 is the better shame 340 00:23:09,620 --> 00:23:13,620 because we've and promising it for a while and we don't we have it yet 341 00:23:13,620 --> 00:23:13,910 but 342 00:23:15,440 --> 00:23:18,300 but there is really good A P I documentation 343 00:23:18,790 --> 00:23:24,110 and the differences between the two basically boiled down to the second point which is 344 00:23:24,110 --> 00:23:25,830 that before 345 00:23:26,960 --> 00:23:31,270 before it made sense to do things synchronously so when you wanted to save the 346 00:23:31,270 --> 00:23:34,010 page images away into the save is done 347 00:23:35,110 --> 00:23:39,130 but in my pocket to that makes a little less sense because now you're 348 00:23:39,760 --> 00:23:45,740 you're sending a message to the web process which again you don't necessarily trust anymore 349 00:23:46,030 --> 00:23:51,650 you know we're starting to just trust things across a process boundary and instead of 350 00:23:51,650 --> 00:23:53,560 waiting for maybe it's better to just 351 00:23:53,960 --> 00:23:58,490 just send the request you know save the page and when you're done with that 352 00:23:58,490 --> 00:23:59,270 let me know 353 00:23:59,920 --> 00:24:00,720 and 354 00:24:01,230 --> 00:24:04,830 what this means is a lot of it guys very synchronous now and they look 355 00:24:04,830 --> 00:24:07,780 a little bit harder use you have to pass a callback 356 00:24:08,150 --> 00:24:10,980 and use sort of G I O style 357 00:24:11,550 --> 00:24:14,890 J O style is intrinsically i 358 00:24:16,980 --> 00:24:21,410 so the really tricky bit is that if you were doing some sign a some 359 00:24:21,410 --> 00:24:26,850 kind of deep integration with the web content you were interacting with the page changing 360 00:24:26,850 --> 00:24:33,790 in real time then it becomes actually quite a bit trickier because before you could 361 00:24:33,790 --> 00:24:39,780 actually reach down into the library and modify the actual down in memory 362 00:24:40,280 --> 00:24:43,510 but now it's not in memory more it's and some other process 363 00:24:44,390 --> 00:24:47,490 so some of the process you notice that we trust 364 00:24:48,220 --> 00:24:54,880 so what you have to do is used one of these for techniques jetted script 365 00:24:54,880 --> 00:24:58,850 source custom protocols you have to die down bindings are page axes 366 00:24:59,340 --> 00:25:01,160 we the jesse api 367 00:25:03,500 --> 00:25:09,890 so injected script source is a is essentially a and it and the web you 368 00:25:09,890 --> 00:25:12,720 would you give it a string of javascript source 369 00:25:13,660 --> 00:25:17,290 and you send that to the web process to be executed in the page content 370 00:25:17,290 --> 00:25:18,350 in the page context 371 00:25:18,760 --> 00:25:24,690 and the resulting javascript return value will be serialised and sent back to you 372 00:25:26,630 --> 00:25:31,040 so you can imagine writing a small javascript program to walk 373 00:25:31,600 --> 00:25:36,510 the elements of the page and do some processing maybe find 374 00:25:36,930 --> 00:25:42,470 say the password field the kind of the pasture field in getting back a string 375 00:25:42,470 --> 00:25:43,320 from we process 376 00:25:47,600 --> 00:25:49,340 and that looks a bit like this 377 00:25:52,020 --> 00:25:54,360 you call what but you run javascript 378 00:25:54,830 --> 00:25:58,500 with the web you and then the string here is actually the 379 00:25:59,710 --> 00:26:00,730 the script you're right 380 00:26:01,860 --> 00:26:04,120 and then you get a callback pretty simple 381 00:26:05,450 --> 00:26:07,090 and then the callback you call 382 00:26:07,770 --> 00:26:11,380 but it would you run javascript finish like T I O again 383 00:26:11,950 --> 00:26:13,290 and you get this 384 00:26:13,610 --> 00:26:22,220 serialise return value and everything below that is getting the actual javascript core values from 385 00:26:22,220 --> 00:26:27,320 the return value this is funky a J S A P I is are the 386 00:26:27,320 --> 00:26:33,090 javascript for api this is like the A P I for touching the javascript engine 387 00:26:33,090 --> 00:26:33,500 itself 388 00:26:37,130 --> 00:26:40,460 but you can see that we're just converting this value into a string and then 389 00:26:40,460 --> 00:26:45,890 converting that string into a C string it's a little bit of a of the 390 00:26:45,890 --> 00:26:47,490 paying a bit verbose but 391 00:26:49,540 --> 00:26:53,680 but really like other than this callback it's similar to what you would do before 392 00:26:57,650 --> 00:26:58,760 so before talk about 393 00:27:00,450 --> 00:27:02,830 a custom protocols so 394 00:27:03,900 --> 00:27:08,720 maybe views are chromium before maybe and you type about 395 00:27:09,590 --> 00:27:11,040 and you get a web page 396 00:27:11,880 --> 00:27:16,070 and it's almost like instead of H diffusing this about protocol 397 00:27:16,650 --> 00:27:17,290 and that's 398 00:27:17,810 --> 00:27:19,930 exactly what custom particles are 399 00:27:21,590 --> 00:27:26,440 it's that you're gonna grading with the networking library to add a new protocol 400 00:27:27,150 --> 00:27:28,940 to the to the web engine 401 00:27:31,940 --> 00:27:37,610 and not only can you can access pages by unloading them you can actually use 402 00:27:37,610 --> 00:27:38,360 ajax 403 00:27:39,160 --> 00:27:43,470 to interact with the with the U I process for instance you can 404 00:27:44,070 --> 00:27:48,200 for instance we have a innovation we have a page about plug ins 405 00:27:48,800 --> 00:27:52,450 and it's not there yet but eventually they'll be a button that says disable 406 00:27:53,070 --> 00:27:56,570 and what that could do is you could send an ajax request 407 00:27:57,380 --> 00:28:01,320 _2d protocol and when it gets that request it process it as if it was 408 00:28:01,320 --> 00:28:02,150 a web server 409 00:28:02,630 --> 00:28:06,690 again to disable the plug in without reloading the page 410 00:28:09,730 --> 00:28:13,940 the big issue with this is that it's a web browser and it subject to 411 00:28:13,940 --> 00:28:20,760 same origin security restrictions which essentially means that if you doing ajax promoting resources there 412 00:28:20,760 --> 00:28:24,060 are restrictions for accessing resources in another 413 00:28:25,440 --> 00:28:25,950 another 414 00:28:26,870 --> 00:28:33,060 scheme postport triplet which means that if you try to access the cost this your 415 00:28:33,060 --> 00:28:34,360 custom protocol 416 00:28:35,640 --> 00:28:39,260 from a web page on a she's ep then it's not gonna work it's gonna 417 00:28:39,260 --> 00:28:42,590 be a security but quite a security restrictions 418 00:28:44,420 --> 00:28:45,400 don't disables 419 00:28:46,800 --> 00:28:48,790 so this what this looks like now 420 00:28:50,780 --> 00:28:52,790 again we're just sort of 421 00:28:53,420 --> 00:28:57,110 registering this about protocol and again with just a callback 422 00:28:57,910 --> 00:28:59,090 what happens here is that 423 00:29:00,660 --> 00:29:04,260 is that we get the request and we can read the different properties of the 424 00:29:04,260 --> 00:29:06,100 question the path 425 00:29:07,880 --> 00:29:11,140 in here i'm just use in the past the printout a response i'm sending the 426 00:29:11,140 --> 00:29:12,830 response back to the browser 427 00:29:14,600 --> 00:29:16,440 as if i was a web server 428 00:29:26,290 --> 00:29:30,160 so before talk about the other ones i wanna talk about web extensions 429 00:29:33,550 --> 00:29:36,360 so what makes engines are essentially the way 430 00:29:37,560 --> 00:29:41,960 that we've exposed some of the more common techniques of interacting with the page 431 00:29:43,540 --> 00:29:45,460 in this multiprocessor environment 432 00:29:46,250 --> 00:29:50,620 essentially it's the shared object that the web process finds it loads it it's own 433 00:29:50,620 --> 00:29:51,400 address space 434 00:29:52,640 --> 00:29:52,990 so 435 00:29:54,260 --> 00:29:56,620 you don't have to do in the I P C really 436 00:29:57,150 --> 00:30:00,320 if you just working inside the confines of the web extension 437 00:30:00,920 --> 00:30:03,470 it's a bit like a plug and the loads in the web process 438 00:30:05,830 --> 00:30:10,630 and so you can do things synchronously like walk through the dom and it won't 439 00:30:10,630 --> 00:30:14,420 block the U I process at all we're not you are processed maybe doesn't even 440 00:30:14,420 --> 00:30:15,350 know 441 00:30:16,860 --> 00:30:20,670 and you have to worry about i the overhead of I P C or 442 00:30:21,920 --> 00:30:22,430 or not 443 00:30:23,060 --> 00:30:27,150 in is great because you have actual direct access to the dom objects just like 444 00:30:27,150 --> 00:30:27,910 you did before 445 00:30:29,410 --> 00:30:31,530 answer and on top of this 446 00:30:32,040 --> 00:30:36,530 the sort of common idea of it injected bundle you something that web get to 447 00:30:36,530 --> 00:30:38,130 exposes and all ports 448 00:30:41,820 --> 00:30:45,650 sometimes it inside a web extension you want to communicate with the U I process 449 00:30:45,650 --> 00:30:51,140 in which case you can just use D bus or whatever you went back 450 00:30:54,150 --> 00:30:56,650 typically we use device 451 00:30:59,310 --> 00:31:03,460 and this is that what that looks like so occur is a source file with 452 00:31:04,660 --> 00:31:09,670 this web kit web extension initialize which is sort of like that you for the 453 00:31:09,670 --> 00:31:14,990 name of the entry point to the to a shared object and what happens is 454 00:31:15,320 --> 00:31:20,710 once we compile this new we shared object and set the extensions directory you'll find 455 00:31:20,710 --> 00:31:23,330 the shared out we can load it and all this call this 456 00:31:23,940 --> 00:31:24,790 this function 457 00:31:27,860 --> 00:31:28,460 and 458 00:31:30,550 --> 00:31:32,610 you can print but also you can 459 00:31:33,090 --> 00:31:35,090 used G object on bindings 460 00:31:35,460 --> 00:31:35,830 which 461 00:31:37,000 --> 00:31:40,360 i guess i should probably explain is a little bit too if you're not familiar 462 00:31:40,360 --> 00:31:40,880 with those 463 00:31:41,330 --> 00:31:42,060 so essentially 464 00:31:43,290 --> 00:31:44,480 there's the doll 465 00:31:45,020 --> 00:31:50,590 and if you're familiar with web development you use the dom and javascript 466 00:31:51,370 --> 00:31:56,580 to access the internal structure of the page so you can say like page give 467 00:31:56,580 --> 00:31:57,450 me your 468 00:31:58,180 --> 00:32:01,370 your dave's and you can look at all the did you can see their contents 469 00:32:01,370 --> 00:32:04,070 you can see other properties or C S properties whatever 470 00:32:06,190 --> 00:32:06,980 and that's 471 00:32:07,350 --> 00:32:09,920 that's the javascript down bindings 472 00:32:10,820 --> 00:32:15,300 what that means is that it exposes these you there's inside or see possible subjects 473 00:32:15,300 --> 00:32:17,620 it exposes them to javascript 474 00:32:18,550 --> 00:32:22,550 and likewise you've written G a breakdown bindings which means that you can walk the 475 00:32:22,550 --> 00:32:24,200 dom with do you object 476 00:32:26,600 --> 00:32:30,870 and that means you can walk the don't see or any other language it supports 477 00:32:30,870 --> 00:32:31,970 geography introduction 478 00:32:32,840 --> 00:32:33,690 which is quite nice 479 00:32:36,490 --> 00:32:40,710 and unfortunately not of the dom is in another process we can just do that 480 00:32:40,710 --> 00:32:44,560 from the from the you i process anymore we have to do it in the 481 00:32:44,560 --> 00:32:45,520 web extension 482 00:32:46,760 --> 00:32:49,630 and again we see the 483 00:32:50,010 --> 00:32:53,380 web kit web extension initialize function which 484 00:32:55,090 --> 00:32:56,390 in which we connect 485 00:32:56,690 --> 00:33:02,390 to the page created signal of this extension object so page created is like 486 00:33:02,980 --> 00:33:05,070 you open the browser to 487 00:33:05,980 --> 00:33:07,900 and now we have a new browser time 488 00:33:08,590 --> 00:33:16,470 here in the callback for page created we attach to the document what it signal 489 00:33:16,470 --> 00:33:17,080 which 490 00:33:19,390 --> 00:33:22,960 so what obviously fires when the document is finishes loading 491 00:33:23,700 --> 00:33:31,860 and that point maybe we need a title using the exact same down binding it 492 00:33:31,860 --> 00:33:33,360 pi so we had a market one 493 00:33:35,300 --> 00:33:39,410 so if you more steps and we kind of get to feature parity with work 494 00:33:39,410 --> 00:33:40,010 at one 495 00:33:41,150 --> 00:33:41,510 so 496 00:33:42,940 --> 00:33:44,570 so at this point we're waiting 497 00:33:45,070 --> 00:33:47,480 the value of all those things i mentioned before 498 00:33:48,370 --> 00:33:56,840 security stability not exposing users banking information to fishers and scammers versus like a couple 499 00:33:56,840 --> 00:33:59,080 function calls and compound sure object 500 00:34:07,470 --> 00:34:15,950 so finally the most flexible approach which will be unveiled global be and upcoming work 501 00:34:15,950 --> 00:34:17,090 htk release 502 00:34:18,960 --> 00:34:20,140 is that we can 503 00:34:21,580 --> 00:34:25,950 we can use directly the javascript core api to interact with the page 504 00:34:26,310 --> 00:34:29,740 and what this means is that not only can we walk the dom 505 00:34:30,420 --> 00:34:35,050 but we can make a new javascript objects that are backed by native code say 506 00:34:35,050 --> 00:34:38,600 like you make a new object in the page can actually interact with that object 507 00:34:39,200 --> 00:34:44,200 for instance maybe you want to expose some system functionality 508 00:34:44,840 --> 00:34:45,960 to the page 509 00:34:46,650 --> 00:34:50,450 if you're making a hybrid application for instance and you want it to be able 510 00:34:50,450 --> 00:34:52,580 to like put the screen to sleep 511 00:34:53,120 --> 00:34:59,180 or maybe prevent the screen from sleeping if you want your video player application to 512 00:34:59,180 --> 00:35:00,100 not a 513 00:35:00,760 --> 00:35:02,640 some like at a simple it's 514 00:35:03,850 --> 00:35:05,450 what's playing what video 515 00:35:05,970 --> 00:35:09,370 what you can do is you can use this A P I to expose new 516 00:35:09,370 --> 00:35:15,210 objects into the world of the page and have the page javascript interact with it 517 00:35:15,810 --> 00:35:16,970 interact with the application 518 00:35:19,650 --> 00:35:25,200 and as well is that you can just execute arbitrary javascript and the web process 519 00:35:27,850 --> 00:35:32,110 for this you need to know the jobs to cory pi which isn't actually 520 00:35:32,910 --> 00:35:36,680 so complicated but at some point we really like to be able to 521 00:35:38,010 --> 00:35:42,140 just exposed you objects directly with see that that's a ways off 522 00:35:42,640 --> 00:35:42,960 but 523 00:35:43,930 --> 00:35:48,270 this is the most flexible approach and it's really like it if you really need 524 00:35:48,270 --> 00:35:50,900 the interaction with the page you'll have to do this 525 00:35:55,020 --> 00:36:00,230 our so that was a practical section i hope that it was useful for some 526 00:36:00,230 --> 00:36:05,560 betters to sort of see what's involve important work it to and how about convince 527 00:36:05,560 --> 00:36:06,940 use that it's worth it 528 00:36:09,320 --> 00:36:12,870 and keep in mind that like this is not just what can stick at the 529 00:36:12,870 --> 00:36:17,290 whole web this is beginning to look like this multiple processes 530 00:36:17,810 --> 00:36:18,540 and it it's a 531 00:36:19,000 --> 00:36:22,190 it's beginning to look like this because the web is beginning to look like an 532 00:36:22,190 --> 00:36:26,970 operating system the web platforms getting to look like the application platform 533 00:36:28,020 --> 00:36:30,720 and we already user browsers like this 534 00:36:30,950 --> 00:36:32,590 i mean many of you probably keep 535 00:36:32,940 --> 00:36:35,460 a web browser open all the time with one application running 536 00:36:36,370 --> 00:36:40,420 i mean that's not different in keeping an application running in your window manager i 537 00:36:40,420 --> 00:36:43,900 mean the distinction between web applications and applications is 538 00:36:44,300 --> 00:36:45,050 is almost gone 539 00:36:46,820 --> 00:36:48,780 i keep saying it but it's like a thirty happened 540 00:36:49,430 --> 00:36:49,820 so 541 00:36:51,490 --> 00:36:55,080 so what's gonna happen with get to in the future 542 00:36:55,670 --> 00:37:01,900 given us the architecture diagram gets a little bit more complicated we have more processes 543 00:37:01,900 --> 00:37:04,970 because we did it once in a work so when i keep doing it 544 00:37:05,560 --> 00:37:06,550 and so we run out of 545 00:37:07,910 --> 00:37:08,780 process handles 546 00:37:09,590 --> 00:37:10,930 so 547 00:37:12,410 --> 00:37:15,930 so what we have here is the not only do we have web processes we 548 00:37:15,930 --> 00:37:19,160 have no word process worker process stored process 549 00:37:20,870 --> 00:37:25,660 it seems first it seems like a little bit superfluous to be also is also 550 00:37:25,660 --> 00:37:27,580 something like why so many different processes 551 00:37:27,980 --> 00:37:30,300 but really it makes good sense 552 00:37:31,660 --> 00:37:32,420 in fact 553 00:37:33,570 --> 00:37:34,240 because 554 00:37:35,060 --> 00:37:36,000 when you think about it 555 00:37:38,420 --> 00:37:40,950 we really wanted to send box the web process 556 00:37:41,240 --> 00:37:45,560 we didn't want it to be able to read the disk or 557 00:37:46,960 --> 00:37:49,890 even access the network you know maybe 558 00:37:51,810 --> 00:37:56,290 maybe it's dangerous to allow arbitrary code execution to talk to that work 559 00:37:59,150 --> 00:38:00,800 and one interesting thing is that 560 00:38:01,830 --> 00:38:06,000 the way make it to works now is when the web process crashes all your 561 00:38:06,000 --> 00:38:06,940 times crash 562 00:38:07,650 --> 00:38:11,040 and really it would be nice if it was like from in where when 563 00:38:11,680 --> 00:38:13,380 attack crashed with just that time 564 00:38:14,260 --> 00:38:17,000 so that means we need multiple web processes running 565 00:38:17,540 --> 00:38:22,090 which means that they're all trying to talk to network which should be fine they 566 00:38:22,090 --> 00:38:25,330 could do that separately but once they talk to the now to take all their 567 00:38:25,330 --> 00:38:30,650 data and they try to put into the cash they try to the cookie store 568 00:38:31,760 --> 00:38:35,400 and maybe that cookie store shared among different processes 569 00:38:35,910 --> 00:38:39,840 which means that we start having like contention issues and we have to worry about 570 00:38:39,840 --> 00:38:41,610 multiple writers multiple readers 571 00:38:42,170 --> 00:38:46,340 so instead of handling all that we just split are all the networking all the 572 00:38:46,340 --> 00:38:50,820 cookie storage into it on process and we have all these different processes talk to 573 00:38:50,820 --> 00:38:51,900 this one or process 574 00:38:53,400 --> 00:38:54,340 likewise 575 00:38:55,230 --> 00:38:57,640 there are a pi is in the web platform 576 00:38:58,370 --> 00:39:00,200 what if you actually that write to the disk 577 00:39:02,720 --> 00:39:06,610 and if we sandbox the web process to laurie range of the desk and those 578 00:39:06,610 --> 00:39:07,650 if you guys won't work 579 00:39:08,540 --> 00:39:10,080 so instead of having that 580 00:39:11,520 --> 00:39:18,680 capabilities write to the disk there with this possibly militias java script code we split 581 00:39:18,680 --> 00:39:19,070 out 582 00:39:19,630 --> 00:39:24,750 the disk access use worker process or starts is stored process 583 00:39:26,510 --> 00:39:30,080 and the way that we want to think about like these process communications again is 584 00:39:30,080 --> 00:39:33,280 that we just trust the process on the other side 585 00:39:33,720 --> 00:39:35,510 we will have to cover is if 586 00:39:35,940 --> 00:39:39,720 as if that process has already been compromise is it sending us the most people 587 00:39:39,720 --> 00:39:40,700 message as possible 588 00:39:44,230 --> 00:39:45,710 but that's a lot easier 589 00:39:47,040 --> 00:39:52,450 then if there was no single point of communication between the processes there wasn't just 590 00:39:52,840 --> 00:39:56,210 if we had to make a decision all the time like overseas just we're doing 591 00:39:56,210 --> 00:39:56,930 I P C handle 592 00:40:00,420 --> 00:40:02,640 a similar was talking about snow 593 00:40:04,530 --> 00:40:08,090 we isolate applications from each other as well as really why 594 00:40:09,460 --> 00:40:10,580 our and the 595 00:40:11,370 --> 00:40:16,220 the web process regression all the taps just crash you know that one page 596 00:40:21,550 --> 00:40:23,130 makes a marketing lot easier 597 00:40:25,020 --> 00:40:30,750 the nice thing about this storage process is that this access is really slow so 598 00:40:31,120 --> 00:40:35,800 there's always some walking going on if we if we always do that is increasing 599 00:40:35,800 --> 00:40:37,980 in another process there's no issue with that 600 00:40:40,090 --> 00:40:42,150 it could be a threat but then we couldn't it sandbox 601 00:40:44,600 --> 00:40:44,870 and 602 00:40:46,940 --> 00:40:52,450 that's a feature vector to and that was my talk so is there any questions 603 00:40:53,340 --> 00:40:54,380 i can answer them now 604 00:41:03,570 --> 00:41:04,220 probably