Security in Native Client Is Lock Tight
Q: What is Native Client and why function-targeted extensions (such as Google Gears) cannot fill the gap for specific horizontal scenarios?
Q: When we're dealing with Web applications, security is always a concern, but why is this such a big concern with Native Client?
Bridge: Native code is generally viewed as very scary. Native code is what the applications on your computer run right now and that means when it's installed on your computer it has access to the underlying parts of your system, such as the hard drive and the network subsystem. It allows applications to do scary things like erase your hard drive or spread malware over the network. The approach that we've taken with Native Client is that we've only allowed the native code to run on these models to do a select set of things, so you can't access the network or the files on the computer. It keeps users safe from all kinds of security concerns.
Q: So what did you do to lock up the native code for Native Client? [Warning: the following answer is best enjoyed if you're a developer].
Upson provides a high-level answer for us non-geeks: With modern programming techniques, it's very hard to know what a program does, and that makes it difficult to say whether something is going to do something bad to your machine. Basically what we've done with Native Client, is made it so that with the native client module, you can't do a lot of the tricky things that make it difficult to understand what the program is doing. You can only do the core functionality of what the programs are allowed to do. That allows us to look at it and see whether it is going to do something dangerous.