[Aaargh20318]

AKA Google ActiveX.

This was a bad idea when Microsoft did it and it's still a horrible idea now.

[espes]

It's ActiveX, but completely secure and open source. Sounds like a good idea.

Regardless, it's pretty much already been killed. Too bad it's taken 8 years for a web standard (WebAssembly) to match it.

[Aaargh20318]

> completely secure

Yeah, there has never been a case of software breaking out of a sandbox or VM.

Fact is it allows running native x86 code downloaded from the internet, it's orders of magnitude more dangerous than e.g. Javascript running inside a sandboxed runtime.

[espes]

Why do you think that? There's been way more bugs in V8 over the years than the NaCl core sandbox.

[Aaargh20318]

I'm not sure why you're trying to say ? Two wrongs make a right ?

For the record: I think that JS is a horrible idea too. What happened to the old rule of thumb that once you let someone else run their own code on your machine you should consider it compromised ?

[VMG]

> What happened to the old rule of thumb

People realized it's a stupid and impractical rule and ignored it.

[phkahler]

>> People realized it's a stupid and impractical rule and ignored it.

If by "people" you mean developers, and by "stupid and impractical" you mean inconvenient.

[danellis]

People stopped following that rule sometime around the time the computer was invented.

[Dylan16807]

Depending on your requirements, it can be really easy to sandbox code. I could write a simple virtual machine in an hour or two that's more secure than your typical jpeg decoder. So it's really worth looking at exactly what kind of sandboxing and complexity is involved.

[simonh]

And now we have browsers with both sets of bugs instead of only one. Lucky us.

[blowski]

Bad idea for whom? Developers, users, shareholders?

[Aaargh20318]

Users. It's a security nightmare.

[pilif]

users. it's terribly hard to secure.