Technology rapidly changes around us—you’ve maybe heard that WebAssembly (or Wasm for short) is making waves amongst developers and tech enthusiasts. But what exactly is WebAssembly, and what makes it important enough that you should pay attention? Let’s get into it.
What is WebAssembly?
WebAssembly, fundamentally, is a binary instruction set. It’s similar to assembly languages you may have heard of, like x86 or ARM, but with some new characteristics and security guarantees. You write code in a programming language like C or Rust and that code can be compiled into a WebAssembly artifact. As Wasm was initially created for the web, the major appeal was that you could run high performance applications on the web at near-native speeds, though WebAssembly today is experiencing wide adoption outside of the browser as well.
One thing that sets Wasm apart from other compiler targets is its portability. WebAssembly code can be run on any platform so long as there is a runtime for it, regardless of the underlying architecture. This means that developers can write their code once and expect it to run everywhere—whether that’s on Windows, macOS, Linux, mobile operating systems, in the browser, or even on a lightbulb.
Is WebAssembly secure?
Security is absolutely paramount, especially in the digital world we live in today. As such, WebAssembly was created with security as a core design goal. Let’s take a moment to think about what web browsers do. When you visit a web page, your browser downloads unknown, untrusted code and executes it—completely terrifying when you really think about it. It’s the job of your browser to protect you and your device from malicious code, and it’s that exact mindset that’s built into WebAssembly with:
- Sandboxing: This isolates WebAssembly code from the host environment, preventing it from accessing unauthorized data or determining any information about where the code is running.
- Deny-by-default access: WebAssembly has a very strict deny-by-default security policy, meaning it’s not allowed to access system resources without explicit permission. This even goes as far as simple resources like the system time—not at all available unless specifically shared with the Wasm code.
- Memory boundaries: Each running WebAssembly instance gets its own chunk of memory that it cannot see beyond, completely isolated from other WebAssembly instances and the host memory.
Is WebAssembly fast?
WebAssembly was designed to be fast. Compared to JavaScript, Wasm code can be decoded and start executing before JavaScript code can even be parsed. It enables new experiences in browsers, but also offers near-native performance outside of the browser with its portability and security guarantees.
Why should you care?
It’s not at all about replacing JavaScript. The two are complementary technologies and were designed to fit together rather than compete. JavaScript is still necessary for the dynamic and interactive parts of web apps, while Wasm is being used more for computationally expensive tasks.
Since WebAssembly code executes within a runtime, it’s easy to drop it into an existing application—whether it’s a web application or an application running at the edge or on the server. This allows you to extend your application with code written in nearly any language or even untrusted code from third parties. This makes WebAssembly well-suited for plugin systems, as you can safely run code within your application provided by community members or customers. WebAssembly’s great security model makes this all possible.
WebAssembly is efficient
WebAssembly has made a huge splash in serverless computing. Compared to containers, Wasm modules are tiny—most modules produced are on the order of kilobytes or single-digit megabytes, whereas containers can easily be hundreds of megabytes or several gigabytes. Besides just storage size, Wasm also solves the famous “cold start” problem—Wasm code can start executing in microseconds, and thus doesn’t need to leave code running to be able to respond to requests quickly. You could spin up a Wasm instance when a request is received with very minor effects on latency. This means WebAssembly-based systems can scale all the way down to zero when there’s no traffic—a blessing to both Mother Nature and your bank account.
WebAssembly is composable
In my opinion, the real game-changer is the WebAssembly Component Model. It will fundamentally change the way developers construct and compose software through its:
- Cross-ecosystem access: Want the cryptography libraries from Go, a JSON serializer from Rust, and number crunching utilities from Python? No problem. With the Component Model, you can select software from nearly any language ecosystem and compose them together as though they were native libraries all written in the same language.
- Development flexibility: Different teams within an organization can choose the best tool for the job. They can select programming languages and software stacks that cater to their expertise and project requirements, with the confidence that their team’s deliverables will link seamlessly into the full application.
Simply put, developers can build software components in any language that can produce WebAssembly code and then easily compose them into a single application.
WebAssembly is a technology that merits your attention. Whether you’re a developer looking to add new capabilities to your application, or a business focused on building scalable and cost-efficient solutions, Wasm might be right for you. As it continues to mature and gain support, WebAssembly stands poised to redefine the way we think about and interact with software development. Keep an eye on WebAssembly because it’s not just the future—it’s already here, reshaping software as we know it.
Want to learn more about WebAssembly? Check out F5’s WebAssembly Unleashed podcast on YouTube, Spotify, or Apple Podcast.
About the Author
Related Blog Posts
At the Intersection of Operational Data and Generative AI
Help your organization understand the impact of generative AI (GenAI) on its operational data practices, and learn how to better align GenAI technology adoption timelines with existing budgets, practices, and cultures.
Using AI for IT Automation Security
Learn how artificial intelligence and machine learning aid in mitigating cybersecurity threats to your IT automation processes.
The Commodification of Cloud
Public cloud is no longer the bright new shiny toy, but it paved the way for XaaS, Edge, and a new cycle of innovation.
Most Exciting Tech Trend in 2022: IT/OT Convergence
The line between operation and digital systems continues to blur as homes and businesses increase their reliance on connected devices, accelerating the convergence of IT and OT. While this trend of integration brings excitement, it also presents its own challenges and concerns to be considered.
Adaptive Applications are Data-Driven
There's a big difference between knowing something's wrong and knowing what to do about it. Only after monitoring the right elements can we discern the health of a user experience, deriving from the analysis of those measurements the relationships and patterns that can be inferred. Ultimately, the automation that will give rise to truly adaptive applications is based on measurements and our understanding of them.
Inserting App Services into Shifting App Architectures
Application architectures have evolved several times since the early days of computing, and it is no longer optimal to rely solely on a single, known data path to insert application services. Furthermore, because many of the emerging data paths are not as suitable for a proxy-based platform, we must look to the other potential points of insertion possible to scale and secure modern applications.