undefined | Better HN

0 pointsAaargh203188y ago0 comments

AKA Google ActiveX.

This was a bad idea when Microsoft did it and it's still a horrible idea now.

0 comments

It's ActiveX, but completely secure and open source. Sounds like a good idea.

Regardless, it's pretty much already been killed. Too bad it's taken 8 years for a web standard (WebAssembly) to match it.

Aaargh20318OP8y ago

> completely secure

Yeah, there has never been a case of software breaking out of a sandbox or VM.

Fact is it allows running native x86 code downloaded from the internet, it's orders of magnitude more dangerous than e.g. Javascript running inside a sandboxed runtime.

espes8y ago

Why do you think that? There's been way more bugs in V8 over the years than the NaCl core sandbox.

2 more replies

blowski8y ago

Bad idea for whom? Developers, users, shareholders?

Aaargh20318OP8y ago

Users. It's a security nightmare.

pilif8y ago

users. it's terribly hard to secure.

1 more reply

j / k navigate · click thread line to collapse

0 comments

espes8y ago

It's ActiveX, but completely secure and open source. Sounds like a good idea.

Regardless, it's pretty much already been killed. Too bad it's taken 8 years for a web standard (WebAssembly) to match it.

Aaargh20318OP8y ago

> completely secure

Yeah, there has never been a case of software breaking out of a sandbox or VM.

Fact is it allows running native x86 code downloaded from the internet, it's orders of magnitude more dangerous than e.g. Javascript running inside a sandboxed runtime.

espes8y ago

Why do you think that? There's been way more bugs in V8 over the years than the NaCl core sandbox.

2 more replies

blowski8y ago

Bad idea for whom? Developers, users, shareholders?

Aaargh20318OP8y ago

Users. It's a security nightmare.

pilif8y ago

users. it's terribly hard to secure.

1 more reply

j / k navigate · click thread line to collapse