"Obviously, nothing can't go wrong."
If you need me, I'll be hiding aboard this Vogon ship leaving the ZedZedPluralZedAlpha quadrant...
Google's Chromium team has proposed a way to allow web apps to establish direct TCP and UDP network connections, a powerful capability that could complicate web security. The Raw Sockets API, which may end up being renamed the Direct Sockets API, represents an attempt to give browser apps networking capabilities that aren't …
I would have upvoted apart from your deliberate mistake.. ZedZedNinePluralZedAlpha is the sector I believe you were looking for. I can't believe the 42+4 upvoters didn't spot that and yes, my towel is currently hanging on the towel rail in the bathroom...
Apple has refused to implement some of Google's ridiculous crap like web interfaces for Bluetooth and GPS, so I hope they will refuse to implement this (or at least leave it off by default) But Safari is really only a solution for Mac and iOS users, the PC/Android crowd needs an alternative to Google's embrace/extend of the web.
Firefox really needs to stand up to this and start positioning itself as the more secure and more privacy protecting alternative to Chrome. The ship has sailed as far as it competing head to head as "best browser" now that Microsoft has sold out and PC users are getting it from both directions. So stop following Google's stupid attempts to reimplement ActiveX in all its glory and start saying no to stupid web extensions - and alert the user somehow when a web page is trying to use these facilities so they know Firefox is preventing their use.
at that point in the sentence, you should have become vvvverryyyy suspicious. And I say that even though I would probably benefit from the new API.¹
Also, what's this "[the API] will come with a higher barrier to use [than asking nicely]"? Are we seeing another step to Appstorification of the free and equal interwebs? "Yes, we have that API, but you can only use it from vetted code that you download through our AMP AppstoreMoneyProgram. This ensures your libraries and page will load quickly from our CDN, wherever in the world your users are. We even include 5000² free³ downloads every month⁴."
² subject to change ³ 49.99 setup fee; developer membership required ⁴ offer valid until September 9852, 1993
> Like WebUSB, WebMIDI and WebBluetooth, …
Yep, that bit screamed "OH FUCK" at me too. 3 things that I've gone out of my way to try and nobble in the browser to make sure that sites can't use them in the first place.
I'm not sure it's worth it though - the "mitigations" they've put in place make the workflow inconvenient, so wouldn't fit what I need (it'd need explaining to distant end-users), but without the mitigations the whole spec is a *massive* ball of fire.
"Yep. If I wanted a browser-OS, I'd use ChromeOS. You can't simply shoehorn a browser into doing everything!"
It does look as if the endgame here for The Goog is an appliance with the absolute bare minimum of OS under the browser, just enough to run it, and everything else is a webapp.
It hasn't worked so far--their Chromebooks keep gaining new features for some level of Android or Linux compatibility because people have realized that computer that runs most things beats computer that only runs a browser. Why do they want this so much anyway--they could just make Android laptops (just add more keyboard support) and get users to hand over all their data that way. It seems to me that if they want to capture all our data, they don't have to do so much work to try to force a limited OS on us when they've already got one that people use.
I don't want to firewall every host on the network in their own little bubble but it looks like that time is here.
> I like the idea of the dialog box
Which will be something along the lines of "Click here to access our supercool content!!!", and will be subsequently implicitly valid for every other connection, site and app. The "refuse connection" link will be hidden in 1-pixel height letters of background color, and will prompt you "Click here if you're really that big a loser (and want to die alone)" before grudgingly accepting your choice for a day or two.
Sorry, in plain honest English that dialog box can only say "Click here if you blindly trust the internet".
Though in this case I think the dialog will both fail because too many users will just enable it anyway, while also failing because people who were supposed to turn it on were like "what's an IP address?"
and as those above commented, the line about regular application software being the real attack surface is utter cow flop. A raw socket coming from an arbitrary web page and that is indistinguishable from a standard web request to the OS and firewall software is obviously a huge risk. Crap software with network access still has to be installed on the system, which we have a pretty good tools and methods to work with.
Chrome should stop trying to build a universal rootkit interface and work on keeping one ad on one tab from using 90% of your system resources and draining your battery. If they can lay that problem to rest , they may have a shred of credibility to add even more low level browser access.
It essentially allows the browser to talk directly to devices and other computers via the network.
So practically the same as happens here on El Reg with virtual machinery talking to humans and advising them of future surreal developments, which they may or may not be equipped to understand and assist with? That's nothing new and novel.
As we know very well, all problems in computer science can be solved by an extra level of indirection. Which means in this case that all the security crap you know and love (firewall, access control lists, certificates, crypto algorithms, switching from TCP to TLS1.3, from UDP to DTLS, need I go on?) -- all of it -- will have to be duplicated in the browser.
So isn't this just a way of helping along the plan for Chrome to take over the universe?
It essentially allows the browser to talk directly to devices and other computers via the network.
As if we don't already have enough web-based dodginess to worry about.
The Twitter discussion between King and Schuh is interesting ; King has clear concerns borne out of experience and, while Schuh attempts to allay those concerns, it is apparent that his own concerns haven't been fully taken on board in the proposals. hence the suggestion that King should get onto Github with hers.
My overall impression is that this is a potentially useful development for those who know what they're doing but a very dangerous one for the average user.
Perhaps the whole api should be delivered disabled by default, with a high barrier to enabling it (a hidden config setting would probably do it). Then those that can handle ti safely can have it while the rest are blissfully unaware of its existence.
What's really scary, is if you look at the issue list, amongst the few open issues - there's already requests on there to "break" standing security practices:
- https://github.com/WICG/raw-sockets/issues/19 - it'd be useful if this bypassed/ignored CORs
- https://github.com/WICG/raw-sockets/issues/14 - suggesting the spec will allow connection to port 25 to send mail
It gives some idea of what (some) people are already hoping to use this for - the first is a guy who want's to scrape content from sites (reddit etc) that are using CORs to try and prevent exactly that.
<grumble>Nothing good can come of this insanity</grumble>
.. and the second is clearly somebody who wants to easily sent his bulk emails from clueless users' computers...
I've been hearing for ages that "email is dead", not to mention there are heaps of email apps out there, why on earth would anybody need to send mail through a browser app? There might definitely be some isolated edge case where this might be vaguely desirable, but it definitely doesn't justify the obvious eagerness to create yet another spam vector.
This is pure, unadulterated feature creep, and I'm not surprised that it comes from a company who's biggest concern is marketing its users. All I've seen is aimed specifically at breaking barriers users might put up to reduce
spying telemetry. I've yet to hear about a feature I (simple standard user) would need (or even just like).
Just about anything is useful for those that know what they are doing.
An interface to alter engine timing while you are driving, useful if you know what you are doing. An interface to override coolant flow in a nuclear reactor, useful if you know what you doing. For that latter, there might not be anybody who REALLY knows what they are doing well enough to fuck with it, but that wouldn't stop people who WRONGLY believe they know what they are doing well enough to do so.
This should not be the bar for adding a capability to a browser that is enabled by default. The bar for adding something to a browser that is enabled by default should "will this enable new classes of malware and make the problem of malicious web pages larger than it is today?" and unless you can answer "no" it should NOT be added, or if they are MUST always be disabled by default and appropriate warnings shown if you try to enable it. Just like stuff like a web interface to bluetooth or GPS should NOT be added, or if they are MUST blah blah blah.
Google just wants to destroy the world.
Now that web safety has been completely solved,
That sentence needs to go down in El Reg history.
That aside, there is a reason why Chrome is banned from my network. Anyone in the IT world would see the grand canyon sized holes in this idea.
Google really have lost the plot unless it is all part of their next generation slurping system.
"Google really have lost the plot"
They haven't even read the CliffsNotes from what I can tell.
They see that familliar black & yellow "under construction" sign, and all they comprehend from that point forward is the Almighty Buck .... and fuck everyone and everything that they trample in its pursuit.
 That'd be Cliff's Notes if you are my age ...
"This will end with Chrome and it's derivatives being banned from my networks."
I did that years ago.
For the users where I wasn't allowed to ban it, I had a little script I liked to call fuckchrome. Stick it on their machines, and they'd have a random amount of time from 30 seconds to 15 minutes after launch before Chrome would crash. They knew better than to come to me to complain about it, because all that would get them was a "I told you not to use that garbage."
They (Google) don't care about your users. They care about the mass market, which is where they collect the private information that makes advertisers super happy.
I was forced only the other day to fire up Chrome, by a video streaming site that simply told me that my other browser was no good. Also because using Chromecast except from Chrome is a bust. So they got a bit more of my private life into their machine learning system.
"Forced? Were they holding a gun to the head of your firstborn or something?
Or do you mean 'I had to because SHINEY!!!!1!'?"
Well, I wasn't that person, and I haven't been forced to run browsers for a while, but maybe it was one of those services that it's not that easy to avoid. For example, services where you have to submit paperwork that your employer or government is asking for. Those sites have a distressing tendency to demand one browser, and while they sometimes work in other ones, sometimes they just don't. You could hope that the system concerned has a mail or fax option (if you don't mind printing things and waiting a week for the post and two or three for someone to pick it up and process it), but otherwise you're a little forced to use what they're asking you to use. Not deadly force, but force nonetheless.
The person I was responding to was forced "by a video streaming site". SHINEY!!!!
As for your argument ... When I run across government sites that don't allow me to use my browser of choice, I simply tell them that their broken software doesn't run on my machine, please give me the alternatives that are available by law under 42 U.S.C. § 12101 ... either that, or they can ship me a machine that'll run the broken code. It might take a week or three, but I have plenty of time.
To date, I have never been penalized. It's their fault that their system is broken, and they know it.
If you just sit and take it, eventually they won't let you sit anymore. But that's OK, because you probably won't feel like sitting after taking it long enough ...
True. And this shows that this level of control was the real reason the wanted to get rid of plugins like Flash and Silverlight in the first place. If you try to replicate all functionality of those plugins right in the core of the browser you will run into all the same issues. And Google sure seems to be eager to do that...