It isn’t interesting for being bytecode. Rather for being the first universal sandboxed runtime for the browser and elsewhere. Being able to write in many languages and compile to wasm targets is awesome. Safety guarantees and performance are both great too. And it can run in tiny environments.
Except that it isn’t really the first iteration of any of those things. Java did most of 'em more than a quarter century ago: browser-embedable, multiple languages could target the JVM, and, yes, sandboxed—the only issue was startup (not runtime) performance. That wasm doesn’t share those startup performance woes makes it useful, but not revolutionary.
As for tiny environments, a typical desktop system from around 1999 is somewhat similar to a Pi Zero W in terms of ability.
The sandboxes are different. The embeddable Java plugin sandbox was a bit different and susceptible to confused deputy and other attacks. So yeah, I guess you can say it is iterative but they’re kind of worlds apart. You can run thousands of wasm modules in a single process and have them all be completely isolated. Its performance and security gains, portability, and usability are all superb.
I guess I can’t really defend it well, but I think it is interesting and important.
It isn’t interesting for being bytecode. Rather for being the first universal sandboxed runtime for the browser and elsewhere. Being able to write in many languages and compile to wasm targets is awesome. Safety guarantees and performance are both great too. And it can run in tiny environments.
Maybe we should get away from “browser than can run apps” and move towards “app sandbox that also happens to render html”.
Except that it isn’t really the first iteration of any of those things. Java did most of 'em more than a quarter century ago: browser-embedable, multiple languages could target the JVM, and, yes, sandboxed—the only issue was startup (not runtime) performance. That wasm doesn’t share those startup performance woes makes it useful, but not revolutionary.
As for tiny environments, a typical desktop system from around 1999 is somewhat similar to a Pi Zero W in terms of ability.
The sandboxes are different. The embeddable Java plugin sandbox was a bit different and susceptible to confused deputy and other attacks. So yeah, I guess you can say it is iterative but they’re kind of worlds apart. You can run thousands of wasm modules in a single process and have them all be completely isolated. Its performance and security gains, portability, and usability are all superb.
I guess I can’t really defend it well, but I think it is interesting and important.