On BNET: Turn your iPhone into an air mouse
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 7 of 35:
Next »
« Previous
Well, now you're getting somewhere
The basic problem inside IE is that it is a dessert topping and a floor wax. It was written to be extensible, mainly through ActiveX, and the good, bad and ugly have poured in. It is nice to have a common way to parse and display HTML instead having to write your own. However, the bad guys can use this convenience too. I think this is the basic idea in your second article.

Scripting, which you hit on a lot, is really just the doorway into ActiveX and turning it off or otherwise restricting it closes a big door, particularly when it comes to Outlook. Even if you want to retain Java scripting, using the Sun JVM can prevent a lot of exploits that are in the old MS one (some of which are mentioned in your first article).

User installed programs are the main new doorway and range from hidden trojans to apparently useful programs, such as P2P software, that bring scumware along for the ride.
Posted by: jfrankcarr   Posted on: 03/21/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

It figures  Squawkbox | 03/19/04
And want to come to a Linux box near you  FilledOut | 03/19/04
ActiveX was an exploit waiting to happen  Chad_z | 03/19/04
ActiveX exploits are why I'm using Firefox  jfrankcarr | 03/20/04
Don't assume you're safe ...  George Jay | 03/20/04
By you can assume your MUCH safer  David Mohring | 03/20/04
Well, now you're getting somewhere  jfrankcarr | 03/21/04
And people laughed...........  nite_w0lf | 03/19/04
Blame Norton  boxmonkey | 03/20/04
You have to use ActiveX in this case  jfrankcarr | 03/20/04
Active X for security?  michael-t | 03/20/04
Dogs and fleas  bjbrock | 03/20/04
Dogs and fleas  seosamh_z | 03/21/04
Re: Dogs & fleas  MammyNun | 03/23/04
But...  DragonBRockin | 03/20/04
Hey, where's No_Ax?  Chad_z | 03/20/04
Security Programs Becoming Major Infection Vector  Aphelion | 03/21/04
Re: Security Programs Becomming Major Infection Vector  GraysonPeddie | 03/22/04
virus authors  angrymuthu | 03/21/04
The .net Framework might be better...  GraysonPeddie | 03/21/04
The .net Framework might be better...  seosamh_z | 03/21/04
It's always the "next" version with MSFT  Chad_z | 03/21/04
It's always the "next" version with MSFT  seosamh_z | 03/22/04
.net is 10 years LATE  michael-t | 03/21/04
.net is 10 years LATE  seosamh_z | 03/22/04
MS and 'modern' technologies ....  michael-t | 03/22/04
Anybody notice...  Yen_z | 03/21/04
Substitute Java and ...  ShadeTree | 03/22/04
ActiveX is far more than scripting  jfrankcarr | 03/22/04
Mixing metaphors.  ShadeTree | 03/22/04
Sorry, but you are quite confused  jfrankcarr | 03/22/04
you mean jsp, lets be clear - not Sun Java  JWatson77 | 03/24/04
then again MS Java did have a few vulnerabilities  JWatson77 | 03/24/04
What Idiot Uses ActiveX for Security? Only Symantec...  brenthawkinsmd | 03/22/04
activex? lol  JWatson77 | 03/24/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement
  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More