Safer than ActiveX: An Arstechnica look at Google's Native Client plugin

Google has released a new experimental browser plugin that allows web applications to securely run native code on the underlying platform. The plugin, which is called Native Client, is distributed under the open source BSD license and is designed to work with all major platforms and browsers.

Native Client provides a sandboxed web-embeddable runtime environment for portable x86 binaries. It also provides a bridge to facilitate communication between JavaScript and Native Client executables. This makes it possible for complex web applications to seamlessly leverage native code for processor-intensive computations.

Allowing web applications to run native code has traditionally posed significant security risks. Microsoft's COM-based ActiveX technology, which aimed to provide developers with similar capabilities, is widely viewed as one of the most egregious security failings of the Windows operating system and it has become a frequent attack vector for malicious code.

Read Full Story >>
The story is too old to be commented.