Peter Bright writes:
Since its release a few weeks ago, curious developers have been sniffing through the source code for Google’s new Chrome web browser. Chrome’s source is interesting for a variety of reasons: there’s the new V8 JavaScript virtual machine with its boasts of near-native code performance, the WebKit rendering engine that does all the hard work of understanding and displaying web pages, and (last but not least), Chrome’s secure sandbox designed to minimize the impact of any security flaws that might exist in both the browser and plugins alike. It is this secure sandbox that has piqued the curiosity of some observers, and for a reason that many may find surprising. From reading the source, it looks as though Google has reverse-engineered Windows, and that’s explicitly prohibited by the Windows EULA.
But before looking at the question of disassembly, it’s worth taking a look at how Chrome is put together and at why its security architecture is interesting.