Google posts Native Client SDK for Linux, Mac, PC
Google finished the week by posting a initial SDK for its long promised Native Client. The kit will let developers put native C and C++ apps into a Chrome browser feature that supports many of the features of stand-alone apps, including 3D, multi-core processor support and direct memory access. Unlike earlier versions of Microsoft's ActiveX, however, all apps are sandboxed and cross-checked to prevent malicious code from using the native support to attack the main OS.
HP notebook vulnerability
Some HP notebooks may be exposed to potentially serious code vulnerabilities, according to a SecurityFocus newsgroup discussion. A researcher working under alias says he has found flaws in an ActiveX control for HP's Info Center, software used to access system information and configuration. The difficulty is that if an HP owner visits a malicious website, a knowing hacker may then be able lay bare the software and the rest of a notebook, leaving it exposed to malware, registry changes, and other critical threats.