Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think he forgot to write part where he explains why native client is better than ActiveX, or did I just overlook it?

Anyway, he seems to have a very specific, narrow use case (native client).



It's explained better on the Wikipedia page

http://en.wikipedia.org/wiki/Google_Native_Client

It seems to be sandboxed, whereas ActiveX is a security nightmare.


I am pretty sure ActiveX had some kind of sandbox model as well?

Even so, I remain very skeptic about this.


There's "sandboxes" and then there's sandboxes. Native Client uses the latter while ActiveX had barely the former.

It does present a real concern and exposing additional APIs is going to always present increased security risk. That said, having looked a bit at Native Client's sandbox and having examined the findings of the well respected security researchers who examined the sandbox protections, Google's taking a pretty good whack at it and their sandbox itself is fairly sound.

My worry is not with their sandbox, but the additional APIs that they expose with it. (See also: WebGL which now throws your entire GL stack into your web browser as security critical code.)


Because ActiveX is a proprietary, Windows-only technology?


OK, I was thinking in the security sense, but of course broader availability is interesting.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: