Crock’s Javascript keynote at #jsconf 2010

17 Apr

Crock’s keynote (iPhone typo alert etc) at jsconf 2010

Live blogging notes

JS came from Self and Scheme (two languages that failed in a commercial sense) and Java.

“MS abandoned the web” and disbanded the IE team to work on other things.

Ajax gave JavaScript a second chance. But people still hate it, and with good reason; after all, it was developed in about 10 days. People hate JS because it does have bad parts. Other criticisms are less valid, for instance those that are really about DOM manipulation.

Good things include event handling and concise expressiveness.

It’s now being used outside the browser: apps, operating systems (widget frameworks), databases, mobile, consumer electronics, and of course the server.

The difficult thing about evolving JS is the web itself. The most effective way to make it a better language is to remove the bad parts.

The problem is that you can’t just discard those parts, because people use them (and, being bad and dangerous, many people like to use them). But *you* can discard them in your own program, hence JSLint.

Harmony is being evolved:

* correcting the block scope problem, i.e. vars should go out of scope at the end of a block.

* better support for variadic functions (variable numbers of parameters).
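As an added example (not code from the keynote or from this post), here is the block-scope problem and the variadic idiom side by side, written with the `let` and rest-parameter syntax that Harmony eventually shipped as ES2015; the engine it runs on is assumed to support those features:

```javascript
// Added example: the block-scope problem, shown with function-scoped `var`
// next to block-scoped `let` (ES2015), plus variadic functions old and new.

// With `var`, every closure created in the loop shares one `i`, which is 3
// by the time any of them is called.
function countersWithVar() {
  var fns = [];
  for (var i = 0; i < 3; i++) {
    fns.push(function () { return i; });
  }
  return fns.map(function (f) { return f(); });   // [3, 3, 3]
}

// With `let`, each loop iteration gets its own binding of `i`.
function countersWithLet() {
  const fns = [];
  for (let i = 0; i < 3; i++) {
    fns.push(() => i);
  }
  return fns.map((f) => f());                       // [0, 1, 2]
}

// `var` also survives the block it was declared in; `let` does not.
function varLeaksFromBlock() {
  if (true) { var leaked = 'still visible after the block'; }
  return typeof leaked;                             // 'string'
}
function letStaysInBlock() {
  if (true) { let scoped = 'gone after the block'; }
  return typeof scoped;                             // 'undefined' (not in scope)
}

// Variadic functions: the pre-Harmony idiom converts the array-like
// `arguments` object; a rest parameter says what it means.
function sumOld() {
  return Array.prototype.slice.call(arguments)
    .reduce(function (a, b) { return a + b; }, 0);
}
function sumRest(...nums) {
  return nums.reduce((a, b) => a + b, 0);
}
```

The `typeof` trick in the last two helpers is the cheapest way to see the difference from outside the block: `typeof` on an identifier that is not in scope yields `'undefined'` rather than throwing.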

“IE6 Must Die”
The new syntax is useless if you must support older browsers. IE6 is still so popular because we are letting it hang on.

Under the IEEE floating point standard, 0.1+0.2 !== 0.3 …. It is only a problem on planets using the decimal system 🙂 IEEE also has a decimal standard, but it is too slow, so hopefully other techniques will be supported and built into the browsers.
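An added example, not from the keynote or this post, showing the comparison Crock mentions together with two of the “other techniques” a JavaScript program can use today: a relative-epsilon comparison, and doing money arithmetic in scaled integers (cents), which are exact in binary64 up to 2^53. It assumes `Number.EPSILON` and `String.prototype.padStart` (ES2015 and ES2017) are available:

```javascript
// Added example: 0.1 + 0.2 under IEEE 754 binary64, and two workarounds.

// The classic surprise: the nearest doubles to 0.1 and 0.2 sum to a double
// that is not the nearest double to 0.3.
function naiveSum() {
  return 0.1 + 0.2;                        // 0.30000000000000004
}

// Workaround 1: compare with a tolerance scaled to the magnitude of the
// operands instead of demanding bit-for-bit equality.
function approxEqual(a, b) {
  const scale = Math.max(1, Math.abs(a), Math.abs(b));
  return Math.abs(a - b) <= Number.EPSILON * scale;
}

// Workaround 2: keep money in integer cents. Integers below 2^53 are exact,
// so adding, subtracting and comparing them never drifts. Convert back to a
// decimal string only at the edge, for display.
function toCents(amount) {
  return Math.round(amount * 100);
}
function addMoney(a, b) {
  return toCents(a) + toCents(b);          // integer cents
}
function formatCents(cents) {
  const sign = cents < 0 ? '-' : '';
  const abs = Math.abs(cents);
  return sign + Math.floor(abs / 100) + '.' + String(abs % 100).padStart(2, '0');
}
```

The epsilon comparison is the right tool for measurements; the cents approach is the right tool for anything that has to add up to the penny, because equality is then exact rather than approximate.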

Intermediate representation? E.g. an abstract parse tree would support a feature like macros.

Threads? “Threads are evil” at the application level, so Crock doesn’t want them.

Support for tail calls: they’re short-circuited into jumps, meaning you can’t trace the stack.

Crock’s personal criteria for spec changes are readability and productivity, rather than just new features or minor incremental efficiency improvements.

Crock reserves #1 priority for security, and the prevention of XSS. Once a script gets a foothold, the attacker can see everything the user sees, including secret tokens, and runs inside the SSL channel; your server has no way to distinguish trusted code from third-party code. The attacker can completely control the display, e.g. ask the user for their password. The attacker can send any obtained info to any server in the world.

None of these things are bugs; they’re the standards. Invented in 1995, we’ve made no progress on them in 14 years. Why?

* The web stack is too complicated, and browsers make heroic efforts to support malformed content.
* JavaScript’s global object doesn’t recognize that there are separate interests on the page.

Mashups: extremely interesting and also very unsafe. Advertising is a mashup too, and has led to security problems.

Caja and ADsafe go some way to helping, by denying access to the global object and the DOM.

ES5/Strict will support this kind of thing, but there is still more work to be done.

This is another reason why IE6 must die: it won’t support these improved security models.

The DOM is an awful API: painful for developers and insecure. Crock says HTML5 makes security worse:
* it increases the attack surface
* it gives attackers new capabilities for evil
* it will take a long time to complete, so even longer to fix XSS.

Crock’s proposal is to start again, with XSS as the first priority, and with a new DOM modelled on the Ajax libraries.

Most popular approaches to security fail: security by inconvenience, by obscurity, by identity… all fail. So we have to do security by vigilance, i.e. everyone has to play a role, not just security experts.

Fortunately, secure models fall out of good design. See Parnas (1972), “capability security”: a worthy read. Not just information hiding, but capability hiding. (The main takeaway is that the global object is evil.)

ECMAScript is being transformed into an object capability model.
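Added example (not from the keynote, Caja or ADsafe): a constructed stand-in for a page shows what “denying access to the global object” and capability hiding buy. The first part shows why ES5 strict mode matters: a plain call in a non-strict script hands the callee the global object as `this`, while in strict mode it gets `undefined`. The second part shows capability hiding in the Parnas sense: third-party widget code is given a frozen object that can only set the text of one element, instead of the page itself, so the cookie is not reachable from anything it was handed. `globalThis` (ES2020) and `Object.freeze` (ES5) are assumed available; the page object and its values are constructed for the demonstration.

```javascript
// Added example: ambient authority vs. capability, in plain JavaScript.

// Part 1: strict mode and the global object.
// In a non-strict script a plain call binds `this` to the global object, so
// every helper you call is one `this` away from everything on the page.
function sloppyThis() { return this; }                 // globalThis in a sloppy script
function strictThis() { 'use strict'; return this; }   // undefined, always

// Part 2: capability hiding.
// Constructed stand-in for a page; not a real DOM, and the cookie is made up.
function makePage() {
  return {
    cookie: 'session=CONSTRUCTED-SECRET',
    widgetSlot: { textContent: '' },
  };
}

// A third-party widget that does its job (write a greeting) and also returns
// whatever cookie it can reach. Constructed to show the difference below.
function widget(api) {
  if (typeof api.setText === 'function') {
    api.setText('hello');
  } else {
    api.widgetSlot.textContent = 'hello';
  }
  return api.cookie;          // undefined when only a capability was given
}

// Ambient authority: the widget receives the whole page object.
function runWithAmbientAuthority(widgetFn) {
  const page = makePage();
  const seen = widgetFn(page);
  return { text: page.widgetSlot.textContent, seenCookie: seen };
}

// Capability: the widget receives a frozen object that closes over one
// element. There is no property path from `cap` back to `page`, so the
// cookie is out of reach by construction rather than by a runtime check.
function runWithCapability(widgetFn) {
  const page = makePage();
  const slot = page.widgetSlot;
  const cap = Object.freeze({
    setText(s) { slot.textContent = String(s); },
  });
  const seen = widgetFn(cap);
  return { text: page.widgetSlot.textContent, seenCookie: seen };
}
```

The point of the second half is the one the notes attribute to Parnas: the module hides not just its data but its authority. Freezing the capability object stops the widget from replacing `setText` with something that leaks the closure, and strict mode stops it from reaching the global object through a plain call; ES5 provides both.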
