Announcement

Collapse
No announcement yet.

Firefox 58 Bringing Faster WebAssembly Compilation With Two-Tiered Compiler

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Firefox 58 Bringing Faster WebAssembly Compilation With Two-Tiered Compiler

    Phoronix: Firefox 58 Bringing Faster WebAssembly Compilation With Two-Tiered Compiler

    With the launch of Mozilla Firefox 58 slated for next week, WebAssembly will become even faster thanks to a new two-tiered compiler...

    http://www.phoronix.com/scan.php?pag...iered-Compiler

  • #2
    Did Mozilla scrap plans for releasing Webrender in Firefox 59?

    Comment


    • #3
      Great! So now Firefox can compile javascript of dubious origin even faster into actual exploits.

      No sorry folks : I will still keep my NoScript webextension installed for now.

      Comment


      • #4
        Originally posted by DrYak View Post
        Great! So now Firefox can compile javascript of dubious origin even faster into actual exploits.

        No sorry folks : I will still keep my NoScript webextension installed for now.
        This is for webassembly not js.....

        Comment


        • #5
          Originally posted by DrYak View Post
          Great! So now Firefox can compile javascript of dubious origin even faster into actual exploits.
          No sorry folks : I will still keep my NoScript webextension installed for now.
          WebAssembly is refers to actual programs. Like WebGL Games and the likes. So this seems to actually be goog.
          Not saying that there aren't exploits in WebAssembly also, but the moment you connect your PC to the interwebs, you're already exposed...

          Comment


          • #6
            Originally posted by shmerl View Post
            Did Mozilla scrap plans for releasing Webrender in Firefox 59?
            Yeah, it's nowhere near production ready yet.

            Comment


            • #7
              I don't think there are any additional security issues introduced with WebAssembly. All the popular browsers already use JIT (just in time) compilation to turn Javascript into machine code. If anything I'd expect WebAssembly to be safer than Javascript, because writing a WebAssembly -> machine code compiler should be far more simple because WebAssembly is far simpler than Javascript. Simple systems are easier to check to make sure they are secure.

              I suppose that WebAsm is an addition to Javascript, so in that sense someone could argue that this introduces more lines of code where security compromising bugs could be introduced.

              I think that all WebAssembly modules are imported and called from within Javascript scripts. As such, if you are already blocking Javascript, you should also be blocking WebAssembly.

              Here are some examples of WebAsm:
              https://github.com/mdn/webassembly-e...s-api-examples
              Click the .index files and see how the WebAsm is pulled in.

              Comment


              • #8
                Originally posted by cybertraveler View Post
                I don't think there are any additional security issues introduced with WebAssembly. All the popular browsers already use JIT (just in time) compilation to turn Javascript into machine code. If anything I'd expect WebAssembly to be safer than Javascript, because writing a WebAssembly -> machine code compiler should be far more simple because WebAssembly is far simpler than Javascript. Simple systems are easier to check to make sure they are secure.

                I suppose that WebAsm is an addition to Javascript, so in that sense someone could argue that this introduces more lines of code where security compromising bugs could be introduced.

                I think that all WebAssembly modules are imported and called from within Javascript scripts. As such, if you are already blocking Javascript, you should also be blocking WebAssembly.
                This.
                Webassembly is, in a sense, "precompiled" javascript. ASM -> ASM translation is easier than language -> ASM.
                For where WebAssembly was inspired from, take a look as asm.js.

                It is no more dangerous than javascript. Meaning very dangerous, but still...

                Comment


                • #9
                  Originally posted by DrYak View Post
                  Great! So now Firefox can compile javascript of dubious origin even faster into actual exploits.

                  No sorry folks : I will still keep my NoScript webextension installed for now.
                  I've been using NoScript all the way until FF57. The new NoScript UI confuses me - instead of simple and fast one we've got one that displays so much unnecessary information and does things I don't even know what they're for that I decided to drop it.
                  Is it possible to use the new NoScript with the old UI?

                  Comment


                  • #10
                    Originally posted by IreMinMon View Post
                    I've been using NoScript all the way until FF57. The new NoScript UI confuses me - instead of simple and fast one we've got one that displays so much unnecessary information and does things I don't even know what they're for that I decided to drop it.
                    Is it possible to use the new NoScript with the old UI?
                    While I don't have a direct answer might I suggest trying uMatrix instead?

                    Comment

                    Working...
                    X