Human Factors of XR: Using Human Factors to Design XR Systems
Firefox vs. chrome
1. Mozilla Firefox Architecture Vs. Chromium Architecture
Group I
P.P.P.S Pathirana 090364A
L.N.P.T Perera 090377P
A.I Ranathunga 090423F
2. “ software application for retrieving,
presenting, and traversing
information resources on the World
Wide Web”
Wikipedia
3. • Bring information resources to the user for a given
URL.
• Handle Uniform Resource Identifier
• Direct prefixes that the browser cannot handle to
another application.
• Identify the web page content and display the
information
• Identify unsupported file types and direct user to
download them.
4. Mozilla Firefox
Mozilla Firefox is a free and open source
web browser developed and maintained
by Mozilla foundation. Firefox is the
second most widely used browser in the
world.
Chromium
chromium is the open source web browser
project from which Google Chrome draws
its source code..
5. supports tabbed browsing, which allows users to open several
pages in one window.
Integrated customizable download manager is also included
6. • Remember user history and Data
• Both Firefox and Chrome relies on the extension system.
10. Master slave design
pattern is used. Where
Masters are located at
Network Service Package
and slaves are other
subsystems such as
protocol handler
11. Gecko is responsible for getting data from Necko subsystem and converting
them into a viewable form.
For that it gets services from other
components such as data
persistence , display backend ..
Etc.
In Rendering and browser engine
there are 6 components such as
document Parser, Content Model,
Frame Constructor, Image Library,
Style System and Platform
Specific Rendering and Widgets
12. Security of the Mozilla is implemented using the
component Personal Security manager
13. • Personal security manager gets services from
NSS and provides security services to the
client.
• NSS provides open source libraries to be
reused by the client applications and tools to
manage keys and security models.
• Crypto functions are set of public functions
that perform cryptographic operations
14. Views
Network
Data
Browser Kernel
JavaScript
Engine Rendering Extensions
Plugins
V8 engine
• Multiple instances of Rendering Engine will be used at the same time
• The browser kernel is responsible for managing multiple instances of
the rendering engine and for implementing the browser kernel API
• Rendering engine uses WebKit opens source layout engine for the
rendering process
• Chromium browser users a separate optimized JavaScript engine called
V8 instead of inbuilt JavaScript capabilities of WebKit to increase the
speed
15. Brings operating systems’ separate process architecture in to
the browser.
Use separate processes for browser tabs to protect the overall application
from bugs and glitches in the rendering engine (i.e. A malfunction in a single
tab does not affect the overall stability of the browser)
Main process that runs the
UI and manages tab and
plugin processes as the
"browser process".
Likewise, the tab-specific
processes are called
"render processes"
16. Chromium hope to reduce the severity of vulnerabilities by isolating a
browser’s complex components by adding layers of defense and reducing
their privileges.
Two major components
•Browser kernel (high privileged) – interacting with OS, data persistence, network
access. Subjected to OS level security barriers
•Rendering Engine (low privileged) - Chromium uses a modular architecture that places
the complex rendering engine in a low-privilege sandbox
17. Plugins are created by third party vendors. They cause many
security vulnerabilities and instabilities. Sandboxing can not be
used here because they are not designed to run in Chromium’s
sandboxed architecture.
To compromise security, stability and
usability solution is to run each plugin as
separate process. Rendering engine
instances will communicate with them
through IPCs
Advantages of running each plugin as a separate process
•Each plugin is run with users privileges. This improves usability (e.g. the
Flash Player plug-in can use the user's microphone and webcam)
•Crash of a plugin does not affect over all browser stability
Vendors could write future versions of plug-ins that operate within
Chromium's sandbox, to provide greater defense against plug-in
exploits.
18. • Chromium's separate process architecture and
it’s V8 JavaScript engine makes it fast
• Firefox maintains threads for each search
instance. So that chrome has become more
faster.
19. • Because of different rendering processes and
plugin processes in chrome error in a
rendering task or browser plugin does not
affect the stability of the overall browser
• Firefox has a disadvantage in this case
because if one plugin crashes it affects all
other pages. Electrolysis project is underway
to introduce process based browsing.
20. • Chromium's sandbox architecture protects
browser kernel and OS from malicious codes
• Firefox onion architecture for cryptographic
operations protects main crypto code in
Personal Security Manager.
21. • Separate process architecture in chromium
uses more memory and CPU.
• Firefox has its own advantage in this case.
Because it uses one single process and
memory consumption is very low comparing
to chrome.
Notes de l'éditeur
The architectures we selected to analyze are two browser architectures.
Lets first look at what a browser is. According to Wikipedia, a browser is “a software application for retrieving presenting, and traversing information resources on the World Wide Web”. Here the “Information resources” can be identified by a URI (Uniform resource identifier) and it can be a web page, image, video, or other piece of content. A web browser can also defined as a software that enable the users to access the internet.
Before discuss about the browser architectures, let’s first look at the main functionalities of a web browser. Bring information for a given URL. This process begins when a user inputs a URL (Uniform Resource Locator) into the browser. Handle URI. URI determines how the URL will be interpreted. The most commonly used URI is “htttp”. If the web browser can not handle the prefix (URI), then it will passes to another application Once the resource has been retrieved the web browser displays it to the user. Web browsers can generally display any kind of content that can be a part of a web page. If browser encounter a file of an unsupported type, the browser prompts the user to save the file to disk
The two architecture we are going to compare are Mozila firefox and Chromium. Mozila firefox is a free and open source web browser and it is the second most widely used browser. Firefox runs on various operating systems. To display web pages, it uses the Gecko layout engine which implements many current web standards. Chromium is the open source web browser project which Google chrome draws its source code. The major aim of this is to have a tabbed window manager than the traditional browser application. Later slides will discuss the other features of these two browsers.
Both app lications support tabbed browsing, which gives the ability to switch between several open web pages within a single web browser window by clicking on tabs. Both support integrated customizable download manager.
Both allow the user to relocate the history data. Both Firefox and Chrome relies on the extension system to allow users to modify the browser according to their requirements instead of providing all features in the standard distribution.
User Interface Components UI provides the methods to components to interact with user. UI components like search bar and buttons like print , refresh, go, home are there at user interface. Browser Engine high-level interface to the Rendering Engine by UI. So it provides methods to initiate the loading of a URL and other high-level browsing actions (reload, back, forward). Rendering Engine Organizes the visual representation of the browser. The Rendering Engine interprets the HTML, XML, and JavaScript that comprises a given URL and generates the layout that is displayed in the User Interface. Main role of the rendering engine is html parser. Networking component Handles HTTP and FTP requests . It also handles internet communication and security, character set translations and MIME type resolution. And it caches the web pages also. JavaScript interpreter executes the JavaScript code that is embedded in a website. Then it sends it to rendering engine to get the visual effects. The XML Parser component is used to parse XML documents. The Display Backend component Working with the operating system and provides drawing and windowing methods which depends on OS. Main architecture is consisting of layered architecture style where each layer below provides services to layer above.
Brief introduction to components Network services. Network services contains components used by other subsystems. Manages the protocol drivers and provides an interface making objects URI strings URI. manages nsSocketTransportService takes transport service based physical Internet protocol drivers and connections. And also it contains listeners such as nsSyncStreamListener and nsAsyncStreamListener which objects are passed to nsIChannel instance. Protocol handler Protocol handler chooses what protocol should be followed according to the specific protocol choosen at the UI level. So that is a layer between UI and Socket Transport. And it also creates channels. Channel can be used to get a socket transport or file transport. Socket transport is used to get internet connection and file transport is used to get file system connection. Socket Transport Layer between protocol handler and internet. Facilitates all socket threads when connecting to internet. There are also another components between these two layers. Stream Converter Conversion services are done like converting text to HTML in case the text cannot be handled by protocol handler. Security Security is managed by Personal Security Manager (PSM) which handles cryptographic operations. Applications use PSM client library to get its services. Necko Utility Works independently of the other components and provides common services to all other components. And also there are other modules such as DNS, COOKIE, MIME and cache where the name implies what each component is responsible for .
Pipe and Filter structure In a pipe and filter style each component has a set of input streams and a set of output streams. A component reads streams of data on its input streams, processes the data and writes the resulting data on its output streams. Hence components are termed filters. The connectors of this style merge the streams together, they transmit outputs of one filter to inputs of another filter. Hence the connectors are termed pipes. First URL object is created and passed to Network Service which identifies the protocol that the URL belongs to(http,ftp, gopher..etc). The protocol handler instantiates a protocol connection . Then it creates transport object which represents physical connection to the relevant data. When incomming data is received it is notified to the application which it runs.
Master slave design pattern Master slave design pattern is used where an identical computation must be performed many times, but with different inputs and context. So that master creates separate threads for each slave and let them run independently. And finally it collects the outcomes of each thread and reports to clients. In this case single socket transport thread is created in Network Service Package. Then it creates several file descriptor threads which acts as slaves.
Provides a large variety of cipher suites for key exchange, digital signatures, bulk encryption, and data integrity. Manages certificates for mutual authentication. Manages passwords and cookies. Very user-friendly UI for the users to customize their security settings. Easy to understand if you have some basic knowledge about Internet security Easy access to the security info of a particular page Othe PKI functions. Supports embedding systems to use the cryptographic components without the UI. High performance – fast enough for disk encryption The goal is 1MB per second for both encryption and decrypton The public functions listed here perform cryptographic operations via the PKCS #11 interface.If documentation is available for a function listed below, the function name is linked to its entry in the SSL Reference. The LXR summary for each function provides links to the function definition, prototype definition, and source code references. The NSS version column indicates which versions of NSS support the function.
This is a very high level diagram. Each component here consist of many other components. Rendering engine uses the browser kernel API is to issue network requests, access persistent storage, and display bitmaps on the user's screen. Separate instances of rendering engine will be instantiated as a separate process for each tab. This will increase the robustness and performance. Will be explained in detail in the next slide Architecture is designed as more third party extensions can be plugged in to the system. This increases the extendibility. By using separate components maintainability is enhanced. ( as an example Java script engine can be updated or replaced with another one without affecting the other parts. Specific architectural designs used in chromium will be discussed in next slides
In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers, untrusted users and untrusted websites.( Definition given in Wikipedia ) The sandbox aims to prevent the rendering engine from interacting with other processes and the user’s operating system, except by exchanging messages with the browser kernel via an IPC (Inter process communication) channel. These security mechanisms block access to any files, devices, and other resources on the user’s computer. Even if an attacker is able to exploit a vulnerability and run malicious code in the rendering engine, the sandbox will block the attacker’s attempts to install malware on the user’s computer or to read sensitive files from the user’s hard drive. Reducing privileges cause engineering challenges to the designer. Will be discussed in the next slide
Browser plugins are a essential thing in web browsing so it has to be supported somehow. Chromium introduces this architecture which have a good balance between usability stability and security.
Firefox Good for the machines with low ram and cpu power.