Learn More
Using Caja, web apps can safely allow scripts in third party content. The computer industry has only one significant success enabling documents to carry active content safely: scripts in web pages. Normal users regularly browse untrusted sites with JavaScript turned on. Modulo browser bugs and phishing, they mostly remain safe. But even though web apps(More)
We address three common misconceptions about capability-based systems: the Equivalence Myth (access control list systems and capability systems are formally equivalent), the Confinement Myth (capability systems cannot enforce confinement), and the Irrevocability Myth (capability-based access cannot be revoked). The Equivalence Myth obscures the benefits of(More)
Proxies are a powerful approach to implement meta-objects in object-oriented languages without having to resort to metacircular interpretation. We introduce such a meta-level API based on proxies for Javascript. We simultaneously introduce a set of design principles that characterize such APIs in general, and compare similar APIs of other languages in terms(More)
Every novel cooperative arrangement of mutually suspicious parties interacting electronically — every smart contract — effectively requires a new cryptographic protocol. However, if every new contract requires new cryptographic protocol design, our dreams of cryptographically enabled electronic commerce would be unreachable. Cryptographic protocol design is(More)
The transport of flagellar precursors and removal of turnover products from the flagellar tip is mediated by intraflagellar transport (IFT) , which is essential for both flagellar assembly and maintenance . Large groups of IFT particles are moved from the flagellar base to the tip by kinesin-2, and smaller groups are returned to the base by cytoplasmic(More)
Browsers do not currently support the secure sharing of JavaScript objects between principals. We present this problem as the need for object views, which are consistent and controllable versions of objects. Multiple views can be made for the same object and customized for the recipients. We implement object views with a JavaScript library that wraps shared(More)
Programmers write programs, expressing plans for machines to execute. When composed so that they may cooperate, plans may instead interfere with each other in unanticipated ways. Plan coordination is the art of simultaneously enabling plans to cooperate, while avoiding hazards of destructive plan interference. For sequential computation within a single(More)
JavaScript is widely used to provide client-side functionality in Web applications. To provide services ranging from maps to advertisements, Web applications may incorporate untrusted JavaScript code from third parties. The trusted portion of each application may then expose an API to untrusted code, interposing a reference monitor that mediates access to(More)
The N-terminal extension and phosphorylation of the myosin regulatory light chain (RLC) independently improve Drosophila melanogaster flight performance. Here we examine the functional and structural role of the RLC in chemically skinned fibers at various thick and thin filament lattice spacings from four transgenic Drosophila lines: rescued null or control(More)