Well yes … silly title … we knew that, WebAssembly has been here for … months!
Joking aside, this is a really important blog post. Just over a year ago the Unity team added experimental support for WebAssembly, however, the default linker target remained as asm.js.
This blog post announces that WebAssembly support is sufficiently to make it the default target, giving code size improvements and a boost in performance (especially with browser that were not asm.js optimised).
Google’s Project Zero team are dedicated to finding zero-day exploits, so that potential dangerous security flaws can be fixed before they are used for more malicious purposes. In this post the team take a look at some of the security issues that have already surface with various WebAssembly implementations.
There isn’t really anything of great concern here - and the following excerpt from the conclusions is quite comforting:
“compared to other recent browser features, surprisingly few vulnerabilities have been reported in it. This is likely due to the simplicity of the current design, especially with regards to memory management.”
And Finally …
“Any application that can be compiled to WebAssembly, will be compiled to WebAssembly eventually” - Ending’s Law