Is Google's Native Client the second coming of ActiveX? I ask because the more I learn about this nascent Web/PC integration technology, the more it strikes me as so much old wine in new wineskins.
Consider the similarities. Both technologies are designed to bridge the gap between the Web browser and the PC client. In ActiveX's case, this was accomplished via a native-compiled, Win32 program that was then specially wrapped and packaged for easy download/installation, with little or no user interaction. Native Client take a slightly different approach, with a plug-in architecture and additional layers of abstraction and security. However, the net result is the same: content that can be automatically downloaded from the Web, then run directly on your PC's hardware.
[ See why InfoWorld's Neil McAllister also fears the Google Native Client approach. | Discover exactly how bad ActiveX really is. ]
This last part is what keeps IT administrators up at night. We all know what a disaster ActiveX turned out to be. By enabling unrestricted Win32 executable files to be encapsulated in an otherwise innocent-looking Web page, Microsoft created as security hole big enough to drive a truck through. And despite years of patching and fixing, including ever more esoteric code-signing and runtime activation restrictions, Microsoft has never successfully put the ActiveX genie back in the bottle. It remains a dark episode in Internet Explorer history, one that weighs down the browser to this day.
