Firefox vs. chrome
Download as PPT, PDF0 likes2,947 views
Chromium and Firefox have different architectural designs. Chromium follows a multi-process model with a browser kernel managing separate renderer and plugin processes, allowing crashes in one tab/plugin to be isolated. Firefox traditionally used a single process model but is working on a multi-process model. The multi-process approach enhances stability in Chromium but uses more resources, while Firefox uses fewer resources but vulnerabilities could previously affect the whole browser. Both browsers use extension and plugin systems but Chromium sandboxes plugins for added security.
Firefox vs. chrome
- 1. Mozilla Firefox Architecture Vs. Chromium Architecture Group I P.P.P.S Pathirana 090364A L.N.P.T Perera 090377P A.I Ranathunga 090423F
- 2. “ software application for retrieving, presenting, and traversing information resources on the World Wide Web” Wikipedia
- 3. • Bring information resources to the user for a given URL. • Handle Uniform Resource Identifier • Direct prefixes that the browser cannot handle to another application. • Identify the web page content and display the information • Identify unsupported file types and direct user to download them.
- 4. Mozilla Firefox Mozilla Firefox is a free and open source web browser developed and maintained by Mozilla foundation. Firefox is the second most widely used browser in the world. Chromium chromium is the open source web browser project from which Google Chrome draws its source code..
- 5. supports tabbed browsing, which allows users to open several pages in one window. Integrated customizable download manager is also included
- 6. • Remember user history and Data • Both Firefox and Chrome relies on the extension system.
- 7. It follows layered architectural Style. Each layer below provides Services to upper layer
- 10. Master slave design pattern is used. Where Masters are located at Network Service Package and slaves are other subsystems such as protocol handler
- 11. Gecko is responsible for getting data from Necko subsystem and converting them into a viewable form. For that it gets services from other components such as data persistence , display backend .. Etc. In Rendering and browser engine there are 6 components such as document Parser, Content Model, Frame Constructor, Image Library, Style System and Platform Specific Rendering and Widgets
- 12. Security of the Mozilla is implemented using the component Personal Security manager
- 13. • Personal security manager gets services from NSS and provides security services to the client. • NSS provides open source libraries to be reused by the client applications and tools to manage keys and security models. • Crypto functions are set of public functions that perform cryptographic operations
- 14. Views Network Data Browser Kernel JavaScript Engine Rendering Extensions Plugins V8 engine • Multiple instances of Rendering Engine will be used at the same time • The browser kernel is responsible for managing multiple instances of the rendering engine and for implementing the browser kernel API • Rendering engine uses WebKit opens source layout engine for the rendering process • Chromium browser users a separate optimized JavaScript engine called V8 instead of inbuilt JavaScript capabilities of WebKit to increase the speed
- 15. Brings operating systems’ separate process architecture in to the browser. Use separate processes for browser tabs to protect the overall application from bugs and glitches in the rendering engine (i.e. A malfunction in a single tab does not affect the overall stability of the browser) Main process that runs the UI and manages tab and plugin processes as the "browser process". Likewise, the tab-specific processes are called "render processes"
- 16. Chromium hope to reduce the severity of vulnerabilities by isolating a browser’s complex components by adding layers of defense and reducing their privileges. Two major components •Browser kernel (high privileged) – interacting with OS, data persistence, network access. Subjected to OS level security barriers •Rendering Engine (low privileged) - Chromium uses a modular architecture that places the complex rendering engine in a low-privilege sandbox
- 17. Plugins are created by third party vendors. They cause many security vulnerabilities and instabilities. Sandboxing can not be used here because they are not designed to run in Chromium’s sandboxed architecture. To compromise security, stability and usability solution is to run each plugin as separate process. Rendering engine instances will communicate with them through IPCs Advantages of running each plugin as a separate process •Each plugin is run with users privileges. This improves usability (e.g. the Flash Player plug-in can use the user's microphone and webcam) •Crash of a plugin does not affect over all browser stability Vendors could write future versions of plug-ins that operate within Chromium's sandbox, to provide greater defense against plug-in exploits.
- 18. • Chromium's separate process architecture and it’s V8 JavaScript engine makes it fast • Firefox maintains threads for each search instance. So that chrome has become more faster.
- 19. • Because of different rendering processes and plugin processes in chrome error in a rendering task or browser plugin does not affect the stability of the overall browser • Firefox has a disadvantage in this case because if one plugin crashes it affects all other pages. Electrolysis project is underway to introduce process based browsing.
- 20. • Chromium's sandbox architecture protects browser kernel and OS from malicious codes • Firefox onion architecture for cryptographic operations protects main crypto code in Personal Security Manager.
- 21. • Separate process architecture in chromium uses more memory and CPU. • Firefox has its own advantage in this case. Because it uses one single process and memory consumption is very low comparing to chrome.
Editor's Notes
- #2: The architectures we selected to analyze are two browser architectures.
- #3: Lets first look at what a browser is. According to Wikipedia, a browser is “a software application for retrieving presenting, and traversing information resources on the World Wide Web”. Here the “Information resources” can be identified by a URI (Uniform resource identifier) and it can be a web page, image, video, or other piece of content. A web browser can also defined as a software that enable the users to access the internet.
- #4: Before discuss about the browser architectures, let’s first look at the main functionalities of a web browser. Bring information for a given URL. This process begins when a user inputs a URL (Uniform Resource Locator) into the browser. Handle URI. URI determines how the URL will be interpreted. The most commonly used URI is “htttp”. If the web browser can not handle the prefix (URI), then it will passes to another application Once the resource has been retrieved the web browser displays it to the user. Web browsers can generally display any kind of content that can be a part of a web page. If browser encounter a file of an unsupported type, the browser prompts the user to save the file to disk
- #5: The two architecture we are going to compare are Mozila firefox and Chromium. Mozila firefox is a free and open source web browser and it is the second most widely used browser. Firefox runs on various operating systems. To display web pages, it uses the Gecko layout engine which implements many current web standards. Chromium is the open source web browser project which Google chrome draws its source code. The major aim of this is to have a tabbed window manager than the traditional browser application. Later slides will discuss the other features of these two browsers.
- #6: Both app lications support tabbed browsing, which gives the ability to switch between several open web pages within a single web browser window by clicking on tabs. Both support integrated customizable download manager.
- #7: Both allow the user to relocate the history data. Both Firefox and Chrome relies on the extension system to allow users to modify the browser according to their requirements instead of providing all features in the standard distribution.
- #8: User Interface Components UI provides the methods to components to interact with user. UI components like search bar and buttons like print , refresh, go, home are there at user interface. Browser Engine high-level interface to the Rendering Engine by UI. So it provides methods to initiate the loading of a URL and other high-level browsing actions (reload, back, forward). Rendering Engine Organizes the visual representation of the browser. The Rendering Engine interprets the HTML, XML, and JavaScript that comprises a given URL and generates the layout that is displayed in the User Interface. Main role of the rendering engine is html parser. Networking component Handles HTTP and FTP requests . It also handles internet communication and security, character set translations and MIME type resolution. And it caches the web pages also. JavaScript interpreter executes the JavaScript code that is embedded in a website. Then it sends it to rendering engine to get the visual effects. The XML Parser component is used to parse XML documents. The Display Backend component Working with the operating system and provides drawing and windowing methods which depends on OS. Main architecture is consisting of layered architecture style where each layer below provides services to layer above.
- #9: Brief introduction to components Network services. Network services contains components used by other subsystems. Manages the protocol drivers and provides an interface making objects URI strings URI. manages nsSocketTransportService takes transport service based physical Internet protocol drivers and connections. And also it contains listeners such as nsSyncStreamListener and nsAsyncStreamListener which objects are passed to nsIChannel instance. Protocol handler Protocol handler chooses what protocol should be followed according to the specific protocol choosen at the UI level. So that is a layer between UI and Socket Transport. And it also creates channels. Channel can be used to get a socket transport or file transport. Socket transport is used to get internet connection and file transport is used to get file system connection. Socket Transport Layer between protocol handler and internet. Facilitates all socket threads when connecting to internet. There are also another components between these two layers. Stream Converter Conversion services are done like converting text to HTML in case the text cannot be handled by protocol handler. Security Security is managed by Personal Security Manager (PSM) which handles cryptographic operations. Applications use PSM client library to get its services. Necko Utility Works independently of the other components and provides common services to all other components. And also there are other modules such as DNS, COOKIE, MIME and cache where the name implies what each component is responsible for .
- #10: Pipe and Filter structure In a pipe and filter style each component has a set of input streams and a set of output streams. A component reads streams of data on its input streams, processes the data and writes the resulting data on its output streams. Hence components are termed filters. The connectors of this style merge the streams together, they transmit outputs of one filter to inputs of another filter. Hence the connectors are termed pipes. First URL object is created and passed to Network Service which identifies the protocol that the URL belongs to(http,ftp, gopher..etc). The protocol handler instantiates a protocol connection . Then it creates transport object which represents physical connection to the relevant data. When incomming data is received it is notified to the application which it runs.
- #11: Master slave design pattern Master slave design pattern is used where an identical computation must be performed many times, but with different inputs and context. So that master creates separate threads for each slave and let them run independently. And finally it collects the outcomes of each thread and reports to clients. In this case single socket transport thread is created in Network Service Package. Then it creates several file descriptor threads which acts as slaves.
- #14: Provides a large variety of cipher suites for key exchange, digital signatures, bulk encryption, and data integrity. Manages certificates for mutual authentication. Manages passwords and cookies. Very user-friendly UI for the users to customize their security settings. Easy to understand if you have some basic knowledge about Internet security Easy access to the security info of a particular page Othe PKI functions. Supports embedding systems to use the cryptographic components without the UI. High performance – fast enough for disk encryption The goal is 1MB per second for both encryption and decrypton The public functions listed here perform cryptographic operations via the PKCS #11 interface.If documentation is available for a function listed below, the function name is linked to its entry in the SSL Reference. The LXR summary for each function provides links to the function definition, prototype definition, and source code references. The NSS version column indicates which versions of NSS support the function.
- #15: This is a very high level diagram. Each component here consist of many other components. Rendering engine uses the browser kernel API is to issue network requests, access persistent storage, and display bitmaps on the user's screen. Separate instances of rendering engine will be instantiated as a separate process for each tab. This will increase the robustness and performance. Will be explained in detail in the next slide Architecture is designed as more third party extensions can be plugged in to the system. This increases the extendibility. By using separate components maintainability is enhanced. ( as an example Java script engine can be updated or replaced with another one without affecting the other parts. Specific architectural designs used in chromium will be discussed in next slides
- #17: In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers, untrusted users and untrusted websites.( Definition given in Wikipedia ) The sandbox aims to prevent the rendering engine from interacting with other processes and the user’s operating system, except by exchanging messages with the browser kernel via an IPC (Inter process communication) channel. These security mechanisms block access to any files, devices, and other resources on the user’s computer. Even if an attacker is able to exploit a vulnerability and run malicious code in the rendering engine, the sandbox will block the attacker’s attempts to install malware on the user’s computer or to read sensitive files from the user’s hard drive. Reducing privileges cause engineering challenges to the designer. Will be discussed in the next slide
- #18: Browser plugins are a essential thing in web browsing so it has to be supported somehow. Chromium introduces this architecture which have a good balance between usability stability and security.
- #22: Firefox Good for the machines with low ram and cpu power.