An idea I just had to get out there before it dies

  • H honey the codewitch

    With the VM you can give it access only to certain things. My memory is a managed byte array with clear bounds, my set of instructions are limited to the low level operations the server is capable of, so say you did this with a machine with like 4 tesla cards (or whatever they're calling them today), and the clients could offload rendering operations (not necessarily realtime, but quick) then your client wants to be able to say, motion blur something. You could write the transform for that in the bytecode. What instructions the VM takes depends on what the service does. But I don't think custom graphics filters for example, would pose much security risk. If all your instructions deal in math or pixels and polygons.

    Real programmers use butterflies

    OriginalGriff wrote (#10):

    The problem there is the same as most "exploits" on Windows (and other systems, including Linux based stand alone hardware): any tiny mistake can expose stuff you didn't expect to. Just think of the number of buffer overrun exploits you heard about a few years ago. Allowing "downloaded code" to run is always a security risk, even if you are pretty sure nothing can get outside the sandbox ...

    "I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!

      honey the codewitch wrote (#11):

      :sigh: You're not wrong. This is why we can't have nice things.

      Real programmers use butterflies

      • H honey the codewitch

        Message passing allows you to send something to another thread or perhaps process or machine(s), to be processed on the remote end. Usually, you have a fixed number of "messages" that the other side understands, but what if you could send *code* in the stream, even across process or network? Doing that would allow your service to be extensible by its clients. As the clients upgrade their capabilities the server follows suit, sometimes without changing it at all. There are two problems with this - complexity and security. There is a solution to both - something like a Pike VM, like this: Regex as a Tiny "Threaded" Virtual Machine, except with more than 7 or so instructions. It could be built up to be a mini VM that understands, say, 20 different bytecode instructions. If you find that's eating up bandwidth, add more instructions that do more complicated things, making them "chunkier", until the VM is mature. Once it gets there you can do like I said with the extensible service. This is either the dumbest idea I've had in the past two weeks or the best. I'm still not sure. Maybe coffee will clear it up. :-D

        Real programmers use butterflies
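
A sketch of the restricted VM proposed in the post above, using the "managed byte array with clear bounds" from the earlier post and guarding against the kind of "tiny mistake" raised in reply #10. This is an added example, not part of the thread and not code from any poster; the eight-instruction set, the limits and all names are assumptions made for illustration. The server decodes the whole client program before running it, then enforces memory bounds, a stack limit and a step budget.

```python
import struct

# Hypothetical instruction set for this sketch: name -> (opcode, operand bytes).
OPS = {"PUSH": (0, 4), "ADD": (1, 0), "XOR": (2, 0), "DUP": (3, 0),
       "LOAD": (4, 0), "STORE": (5, 0), "JNZ": (6, 2), "HALT": (7, 0)}
BY_CODE = {code: (name, width) for name, (code, width) in OPS.items()}
MAX_CODE, MAX_STACK, MAX_STEPS = 4096, 64, 10_000  # assumed server limits

class VMError(Exception):
    """Any reason the server refuses to load or keep running a program."""

def assemble(lines):
    """Client side: turn ("PUSH", 4)-style tuples into bytecode."""
    out = bytearray()
    for name, *arg in lines:
        code, width = OPS[name]
        out.append(code)
        if width:
            out += struct.pack("<i" if width == 4 else "<H", arg[0])
    return bytes(out)

def verify(code):
    """Decode the whole program before executing any of it."""
    if len(code) > MAX_CODE:
        raise VMError("program too large")
    starts, targets, pc = set(), [], 0
    while pc < len(code):
        if code[pc] not in BY_CODE:
            raise VMError(f"unknown opcode {code[pc]:#x} at offset {pc}")
        name, width = BY_CODE[code[pc]]
        if pc + 1 + width > len(code):
            raise VMError(f"truncated operand at offset {pc}")
        starts.add(pc)
        if name == "JNZ":
            targets.append(struct.unpack_from("<H", code, pc + 1)[0])
        pc += 1 + width
    for target in targets:
        if target not in starts:  # also rejects targets past the end
            raise VMError(f"jump target {target} is not an instruction start")

def run(code, memory):
    """Verify, then execute against a server-owned bytearray; returns steps used."""
    verify(code)
    stack, pc, steps = [], 0, 0
    def pop():
        if not stack:
            raise VMError("stack underflow")
        return stack.pop()
    def push(v):
        if len(stack) >= MAX_STACK:
            raise VMError("stack overflow")
        stack.append((v + 2**31) % 2**32 - 2**31)  # wrap to signed 32-bit

    while pc < len(code):
        steps += 1
        if steps > MAX_STEPS:  # fuel: a looping program cannot pin the server
            raise VMError("step budget exhausted")
        name, width = BY_CODE[code[pc]]
        operand_at, pc = pc + 1, pc + 1 + width
        if name == "PUSH":
            push(struct.unpack_from("<i", code, operand_at)[0])
        elif name in ("ADD", "XOR"):
            b, a = pop(), pop()
            push(a + b if name == "ADD" else a ^ b)
        elif name == "DUP":
            v = pop()
            push(v)
            push(v)
        elif name in ("LOAD", "STORE"):
            value = pop() if name == "STORE" else None
            addr = pop()
            # A Python bytearray would otherwise accept -1 and address the last byte.
            if not 0 <= addr < len(memory):
                raise VMError(f"memory access out of bounds: {addr}")
            if name == "LOAD":
                push(memory[addr])
            else:
                memory[addr] = value & 0xFF
        elif name == "JNZ":
            if pop() != 0:
                pc = struct.unpack_from("<H", code, operand_at)[0]
        else:  # HALT
            break
    return steps

def rejection(code, memory=None):
    """Return the VMError text for a program, or None if it ran to completion."""
    try:
        run(code, bytearray(4) if memory is None else memory)
    except VMError as exc:
        return str(exc)
    return None

# Constructed sample: client-supplied "invert" filter over four pixel bytes.
# Counts i down from 4; each pass XORs memory[i - 1] with 255.
INVERT = assemble([("PUSH", 4), ("PUSH", -1), ("ADD",), ("DUP",), ("DUP",),
                   ("LOAD",), ("PUSH", 255), ("XOR",), ("STORE",), ("DUP",),
                   ("JNZ", 5), ("HALT",)])  # JNZ 5 loops back to the second PUSH
```

Running `INVERT` over the bytes 0, 16, 128, 255 leaves 255, 239, 127, 0 in the buffer, while a program that reads address -1, jumps into the middle of an operand or never halts is refused with a `VMError`.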

        Rick York wrote (#12):

        It seems to me you are describing a stripped down version of sending something like Java code somewhere to be executed on a virtual machine. To me, this raises the question of why bother stripping it down? In other words, it seems like a bit of a twist on the HTML browser-server model.

        "They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"

          honey the codewitch wrote (#13):

          I guess it kind of is. After I wrote the post I thought about JavaScript, and extending a JavaScript machine to run on the server, but I think other commenters have talked me down from the edge of this particular cliff.

          Real programmers use butterflies

            OriginalGriff wrote (#14):

            Thomas Huxley:

            The great tragedy of science - the slaying of a beautiful hypothesis by an ugly fact.

            :sigh:

            "I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!

              honey the codewitch wrote (#15):

              Facts schmacts. Believe what is beautiful, but check your work. :-D

              Real programmers use butterflies

              • W W Balboos GHB

                You have to lighten up in your interpretation, often ending up as self criticism. I was just making a funny - I usually forget to click any of the radio buttons for a post. It's the lounge.   Relax.   Take off your shoes. Burp   Phart   Make yourself comfortable. You're among friends, here.

                Ravings en masse^

                "The difference between genius and stupidity is that genius has its limits." - Albert Einstein

                "If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010

                OriginalGriff wrote (#16):

                Oi! No pharting in the lounge please. That's what elevators are for.

                "I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!

                  W Balboos GHB wrote (#17):

                  Yeah. I know. But how else can we tell you we like you so expressively?

                  Ravings en masse^

                  "The difference between genius and stupidity is that genius has its limits." - Albert Einstein

                  "If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010

                    dandy72 wrote (#18):

                    honey the codewitch wrote:

                    Usually, you have a fixed number of "messages" that the other side understands, but what if you could send *code* in the stream, even across process or network?

                    The first thought that crossed my mind when I read this was "ActiveX". I'll leave it at that.

                      OriginalGriff wrote (#19):

                      :shudder:

                      "I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!

                        honey the codewitch wrote (#20):

                        :laugh: To be fair they didn't use a VM but I hear you.

                        Real programmers use butterflies

                          OriginalGriff wrote (#21):

                          You are so full of .... hot air

                          "I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!

                            W Balboos GHB wrote (#22):

                            OK - it's time you're given the facts of life. In this case, did you ever wonder why a phart stinks? ? ? ? ? ? ? It's for the benefit of those who didn't hear it.

                            Ravings en masse^

                            "The difference between genius and stupidity is that genius has its limits." - Albert Einstein

                            "If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010

                              Daniel Pfeffer wrote (#23):

                              honey the codewitch wrote:

                              Usually, you have a fixed number of "messages" that the other side understands, but what if you could send *code* in the stream, even across process or network?

                              In the Human world, this is known as "education", or "training". You are suggesting that we give the client computers an ability to "learn" - a non-trivial task. At minimum, you would need a "compiler" on the client, with capabilities known to the server. The client would, at minimum, have to understand a "message definition" message which defines both the message format and the code to be executed when the message is sent. If you wish an adaptive system, i.e. one that improves as the capabilities of the client are upgraded, you will need a "send capabilities" message which would allow the client to communicate its capabilities to the server. If you want to get really fancy, you could have the client use a "message definition" message as well, which would allow it to educate the server about unexpected capabilities that it has developed. I'm unsure if that way lies madness or genius. :)

                              Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.

                                honey the codewitch wrote (#24):

                                Daniel Pfeffer wrote:

                                At minimum, you would need a "compiler" on the client, with capabilities known to the server. The client would, at minimum, have to understand a "message definition" message which defines both the message format and the code to be executed when the message is sent.

                                Yes. Also I wasn't talking about making it learn so much as giving the client software the ability to send remedial software to the server that it could run to perform a task - which instructions are available would be specific to whatever the server does.

                                Real programmers use butterflies

                                  Daniel Pfeffer wrote (#25):

                                  honey the codewitch wrote:

                                  which instructions are available would be specific to whatever the server does.

                                  That is still learning. Humans may be hard-wired to learn language (the "message definition" message), but no human language is universal; every language has some things that cannot be said in it.

                                  Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.

                                    honey the codewitch wrote (#26):

                                    Except the instructions are fixed. It could be adapted into a learning system.

                                    Real programmers use butterflies

                                      Greg Utas wrote (#27):

                                      I worked on a product that did this. The primary server downloaded code to access servers at run time, on a per-session basis. It took the form of opcodes in an interpreted language, running on a virtual stack machine. The access servers were also preloaded with "scripts" that the downloaded code could invoke, which reduced its size. This was an embedded system, so security wasn't an issue. It wasn't too complex, but a detailed spec didn't have to be written: it was proprietary, so however the access devices worked was the de facto spec. New access devices had to be backward compatible, which sometimes meant replicating the idiosyncrasies of the original access devices with regard to how the language was interpreted. All of this generally worked well, but you can add backward compatibility as a third problem if trying to do this for more complicated applications.

                                      Robust Services Core | Software Techniques for Lemmings | Articles

                                      Robust Services Core: https://github.com/GregUtas/robust-services-core/blob/master/README.md
                                      The fox knows many things, but the hedgehog knows one big thing.

                                        Marc Clifton wrote (#28):

                                        honey the codewitch wrote:

                                        but what if you could send *code* in the stream, even across process or network?

                                        I did a test case of that using Docker and Python, including the ability to do some basic UI layout, etc. I really liked the idea and it worked well - spin up a Docker instance, run the code, and after a period of inactivity or when the user logs out, kill the Docker instance. Given that one is working in essentially a VM, the only thing one has access to is one's own Linux instance, so I wasn't too concerned with security, haha. For example, you could, in Python, list the contents of the OS folders, etc., but I didn't really care. The impetus for this are those sites that let you run C# code snippets, and I was curious how they might do such a thing, especially given the security issues.

                                        Latest Articles:
                                        Proxy class for TypeScript/Intellisense DOM manipulation

                                          honey the codewitch wrote (#29):

                                          Marc Clifton wrote:

                                          especially given the security issues.

                                          There's always the possibility they're relying on .NET's Code Access Security feature to do the heavy lifting. It works pretty well. I could probably find out if I tinkered with the C# code enough to see what it let you do and what it didn't but it's work. ;P

                                          Real programmers use butterflies
