Native Client: Google's craziest idea yet

Is Google's plan to run native x86 code inside browser windows just a disaster waiting to happen?

The browser's role is ever increasing. It already has become far more than a mere tool for accessing information. Today we use it to communicate, to collaborate, and to interface with applications. And if Google has its way, we'll soon be able to use it to chalk up a few righteous frags, too.

Last week, a team of Google engineers demonstrated a copy of Id Software's classic first-person shooter Quake running within a browser window at a frame rate comparable to an OS-hosted copy of the game.

How did they do it? Simple. The Google Native Client is a new set of components that allows Web browsers to download and execute native x86 code. It's not an emulator, and it's not a virtual machine. The code runs on the actual processor with access to memory and system resources and negligible loss of performance. It even gives browser-based apps access to modern, accelerated CPU instruction sets, such as SSE.

Just how crazy are these guys, anyway?

Beyond the limitations of the browser
The natural comparison is to Microsoft's ActiveX technology -- and to critics, it's not a flattering one. ActiveX controls allow developers to extend the capabilities of Internet Explorer by creating components that can access native Windows functions. But because ActiveX's security model is largely based on trust, users can easily be tricked into installing components that compromise system security. As a result, ActiveX is now a leading source of malware attacks on the Windows platform, and many security experts recommend that it be disabled.

There have been plenty of other attempts to extend the capabilities of the browser in ways that don't compromise security. The Java applet technology was among the first. Most rely on some kind of specialized programming language executed with or without the aid of a virtual machine.

But the problem with these technologies is that they invariably sacrifice performance for security's sake. That won't do for the use cases Google envisions: Not just games, but computation-intensive processes like ray tracing, image manipulation, and distributed calculation. The idea is to take advantage of the native performance of the CPU for problems where traditional, browser-hosted technologies won't suffice.