Information Technology Reference
In-Depth Information
The Internet and the “thin waist”
The Internet is another example of the benefit of designing interfaces to be simple
and portable. The Internet defines a packet-level protocol that can run on top of virtually
any type of network hardware and can support almost any type of network applica-
tion. Creating the World Wide Web required no changes to the Internet packet delivery
mechanism; likewise, the introduction of wireless networks required changes in hard-
ware devices and in the operating system, but no changes in network applications.
Although the Internet's “thin waist” can sometimes lead to inefficiencies, the upside is to
foster innovation in both applications and hardware by decoupling changes in one from
changes in the other.
Application-level sandboxing and operating system functionality
Applications that support executing third-party code or scripts in a restricted sandbox
must address many of these same questions, with the sandbox playing the role of the
operating system kernel. In terms of functionality: Can the scripting code start a new
instance of itself? Can it do input/output? Can it perform work in the background? Can
it store data persistently, and if it can, how does it name that data? Can it communicate
data over the network? How does it authenticate actions?
For example, in web browsers, HTML5 not only allows scripts to draw on the screen,
communicate with servers, and save and read cookies, it also has recently added pro-
gramming interfaces for offline storage and cross-document communication. The Flash
media player provides scripts with the ability to do asynchronous operations, file stor-
age, network communication, memory management, and authentication.
Just as with system calls, these interfaces must be carefully designed to be bullet-
proof against malicious use. A decade ago, email viruses became widespread because
scripts could be embedded in documents that were executed on opening; the program-
ming interfaces for these scripts would allow them to discover the list of correspondents
known to the current email user and to send them email, thereby propagating and ex-
panding the virus with a single click. The more fully featured the interface, the more
convenient it is for developers, and the more likely that some aspect of the interface will
be abused by a hacker.
