Internet Explorer has had very solid security record after IE5. ActiveX was a big mess, but it was innovative technology that even Google is trying to replicate with their embedded binaries now. It's also the reason why Microsoft spend so much time hardening IE's security. Now a days when the most attacked vector is third party software like Flash and PDF Reader, IE is almost the only browser capable of blocking these attacks. Firefox still has NO SANDBOX AT ALL. It's like having sex with a prostitute in Cambodia - when the hiv rate is almost 20% among the sex workers, only an idiot would have sex without a condom.

Native apps will always work better and be less resource intensive than HTML5 based apps. You will never be able to match native code or get even close. Even Google understands this on mobiles, even though they still use the crappy Java. This is especially important on mobile phones not only for limited CPU and memory and the lack of good GPU, but because battery life is really important and already not that great.

RIM just wants to do this because they don't have the vibrant app economy than Apple and even Microsoft has. They want others to do the work for them.