Going full circle

Whilst driving this sort of progress and enjoying the expansion of the pie, I am also reminded that we must go back full circle and reflect on the messages in Lin’s opening keynote.

With WebAssembly moving outside of the browser, we need to remember that we are also moving to areas which may not necessarily have the same sandboxing capabilities as the browser. Sandboxing facilitates one of WebAssembly’s key benefits. Security!

Nowadays around 80 percent of code (in a given project) consists of pre-existing libraries and dependencies. This is brilliant in terms of reuse and efficiency. Software developers are well aware that pre-existing modules allow us to save time and also build better software by standing on the shoulders of giants. Unfortunately, attackers can implant malicious code into these reusable modules. Software developers must try to avoid widespread vulnerabilities and in doing so will be protecting the users of their software.

One of the best ways to achieve a high level of security, safety and privacy is to ensure that software products do not have access to the end-user’s system resources. Traditional Virtual Machines (VMs) and containers provide a level of sandboxing, taking away the software’s ability to access the host system. So how does WebAssembly achieve this same level of safety in terms of isolation?

The security of WebAssembly is deliberately built in by design. For example, WebAssembly sandboxes each module by default; modules do not have any access to APIs or system calls. With WebAssembly, if the developer wants a module to access an API or a system call, they are required to explicitly declare that they want access and then provide this information as part of the shipped module. This makes the intent of the module very obvious; public and transparent.

The WebAssembly System Interface (WASI) provides a type of capability-based security whereby different modules can have different permissions to different resources. The future plan is for WebAssembly to apply a fine-grained form of per-module virtualisation. With this sort of design a developer would be able to spot malicious modules and not include that code in the dependency tree of the application which they are building.
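The import declarations and per-module permissions described in the two paragraphs above can be inspected and enforced from a JavaScript host. This is an added example, not code from the talk or from any project named here: the sample module bytes, the allowlist and the helper names are constructed for illustration.

```javascript
// Added example: SAMPLE is a module constructed for this demo, not a real artifact.
const lenPrefixed = (s) => [s.length, ...new TextEncoder().encode(s)];
const WASI = "wasi_snapshot_preview1";
const importBody = [
  3,                                                          // three imports follow
  ...lenPrefixed(WASI), ...lenPrefixed("fd_write"), 0x00, 0x00,   // function, type 0
  ...lenPrefixed(WASI), ...lenPrefixed("path_open"), 0x00, 0x00,  // function, type 0
  ...lenPrefixed("env"), ...lenPrefixed("memory"), 0x02, 0x00, 0x01, // memory, min 1 page
];
const SAMPLE = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,             // "\0asm" magic, version 1
  0x01, 0x04, 0x01, 0x60, 0x00, 0x00,                         // type section: one () -> ()
  0x02, importBody.length, ...importBody,                     // import section
]);

// Assumed host policy: the only capabilities this embedder will hand over.
const ALLOWED = new Set([`${WASI}.fd_write`, "env.memory"]);
const key = (imp) => `${imp.module}.${imp.name}`;

// Everything a module can reach is listed in its import section.
function declaredImports(bytes) {
  return WebAssembly.Module.imports(new WebAssembly.Module(bytes));
}

// Imports the module asks for that the policy does not grant.
function unexpectedImports(bytes, allowed = ALLOWED) {
  return declaredImports(bytes).map(key).filter((k) => !allowed.has(k));
}

// Link the module against granted capabilities only. An import that was not
// granted stays undefined, so instantiation fails and no module code runs.
function instantiateWithGrants(bytes, allowed = ALLOWED) {
  const grants = {};
  for (const imp of declaredImports(bytes)) {
    if (!allowed.has(key(imp))) continue;
    grants[imp.module] = grants[imp.module] || {};
    grants[imp.module][imp.name] = imp.kind === "memory"
      ? new WebAssembly.Memory({ initial: 1 })
      : () => 0;                                              // stub host function
  }
  try {
    const instance = new WebAssembly.Instance(new WebAssembly.Module(bytes), grants);
    return { ok: true, instance };
  } catch (err) {
    return { ok: false, error: err.name };
  }
}
```

Running `unexpectedImports` over every dependency in a build is one way to review what each module asks for before it is linked.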

Importantly, as Lin mentioned, security guarantees do not just fall out directly when using WebAssembly; we have to follow good conventions and bake security guarantees into our tools. This will take some work.

As a community we can choose to make our users secure by default.

These sorts of deliberate patterns and designs are already starting to be baked into tools which are provided by projects such as the Bytecode Alliance.

I saw an incredible amount of new projects and use-cases for WebAssembly during the summit. I left the event completely inspired by the future possibilities of WebAssembly. I also left the summit with a saying in mind. “We don’t want to have a trade-off between developer productivity and user safety. We want both!”

Lin concluded her presentation by quoting her teammate and WebAssembly co-creator Luke Wagner, by saying …

“We have an opportunity to build new secure-by-default foundations for native development that are portable and scalable. We need to take deliberate cross-industry action to ensure this happens in the right way”

The future of WebAssembly proposals

As a new World Wide Web Consortium (W3C) member, I am thoroughly looking forward to participating in the upcoming calls which relate to WebAssembly proposals as well as broader WebAssembly Community Group (CG) topics, as mentioned throughout this article.

If you are interested in the latest progress of WebAssembly proposals, you can read the transcripts and view the presentations of WebAssembly Community Group (CG) meetings via GitHub. For example, these meeting notes are from the CG meeting which was hosted by Google, in San Francisco for two consecutive days following the Wasm Summit; the 11th & 12th of February 2020.

Thank you!

I would like to thank the organisers of this excellent event. The participants were indeed all “actively awesome”. I met so many new people from the leading technology companies and projects from around the world. If I had to give one piece of feedback, “please hold this event again next year”. I think that we will all be amazed by what the community will have achieved by then.