On MovieTome: Why you didn't see Shatner in TREK
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 44 of 67:
Next »
« Previous
I have a serious question
The idea of a webpage being able to run code directly on your machine is horrific and unnecessary.

I don't totally disagree and that is a small part of why I use Firefox. My question is: how do Firefox extensions differ from ActiveX in the security arena? To be honest, I know very little about how extensions are written so I'm curious about this.

The other thing I'll say is that all browsers run code from the user's machine. Every time you render an image, run javascript, or view a PDF file, you are running code on the user's machine. The biggest issue I see with ActiveX is not that it allows a web page to run code from a user's machine (something that happens all the time anyway) but that it is an opt-out thing instead of an opt-in thing. This is one of the things about IE7 that will make it, in my opinion, much safer and make the ActiveX threat much more minimal.

It also can't be stressed enough that you should not be browsing as root/Administrator and even so, you should back up any personal files you aren't willing to lose since, even as a restricted rights user, all your personal files are still vulnerable. Running as a restricted rights user isn't the security panacea that some make it out to be, but it is still better than running as root!
Posted by: NonZealot   Posted on: 11/07/06 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Loverock's Rep  yyuko@... | 11/06/06
"distributing much needed flaws"  Tony Agudo | 11/06/06
LOL.... A 9.5  shawkins | 11/06/06
6.6... Points deducted because...  James T. Kirk | 11/07/06
Rep?  Loverock Davidson | 11/07/06
Please keep news about your tingles to yourself, Loverock! (nt)  Zeppo9191 | 11/07/06
MSXML 4.0 is not installed as part of Windows  PB_z | 11/06/06
You are incorrect !  I'm Ye, the MS SHILL . | 11/06/06
No, you are incorrect. This is about MSXML *4.0*  PB_z | 11/06/06
I beg to differ !  I'm Ye, the MS SHILL . | 11/06/06
it seems that is not present in IE SP1 and XP SP1  markbn | 11/07/06
I beg to differ !  I'm Ye, the MS SHILL . | 11/06/06
And now for some REAL HOT NEWS !  I'm Ye, the MS SHILL . | 11/07/06
Okay....  ken_ballard@... | 11/08/06
FWIW  3D0G | 11/07/06
You are right!!  NonZealot | 11/06/06
Maybe one day you will catch that roadrunner!!  I'm Ye, the MS SHILL . | 11/07/06
I've removed IE from Windows  voska | 11/07/06
And now all the software that needs IE doesn't work.  osreinstall | 11/07/06
You are correct...  mharr | 11/08/06
I'm not vulnerable  wolf_z | 11/07/06
And now for some HOT LINUX NEWS !  I'm Ye, the MS SHILL . | 11/07/06
Yawn  Confused by religion | 11/07/06
Oh yeah , you'll be more disappointed with Microsoft Vista .  I'm Ye, the MS SHILL . | 11/07/06
I beta tested Vista...  Confused by religion | 11/07/06
Card make and model  Sabz5150 | 11/07/06
Wireless cards seem flaky if you ask me  voska | 11/07/06
Don't have the laptop with me at the office  Confused by religion | 11/07/06
I understand....  handydan918 | 11/07/06
Sorry for getting back so late...  Confused by religion | 11/07/06
Dell 1370 WLAN  3D0G | 11/08/06
See, the problem on the other foot is....  techboy_z | 11/07/06
And some...  James T. Kirk | 11/07/06
That's true  Shelendrea | 11/07/06
Real slow day here at ZDNET huh .  I'm Ye, the MS SHILL . | 11/07/06
Cut it out Root  Shelendrea | 11/07/06
SAMBA is a mistake  net-com | 11/07/06
Yeah right .  I'm Ye, the MS SHILL . | 11/07/06
Heads up Root  net-com | 11/07/06
He is technically right...  Mad Dan | 11/07/06
Amazing...  jasonp@... | 11/08/06
Well...  ken_ballard@... | 11/08/06
What have we been saying about ActiveX?  CobraA1 | 11/07/06
I have a serious question  NonZealot | 11/07/06
We were warned...  Mad Dan | 11/07/06
Java isn't that secure either.  osreinstall | 11/07/06
Java works great with Firefox  patrick@... | 11/07/06
Sure it doesn't  NonZealot | 11/07/06
Selective quotation...  Mad Dan | 11/07/06
Um, okay?  NonZealot | 11/07/06
Java is awful  osreinstall | 11/07/06
You what ??  Mad Dan | 11/07/06
Yep, some folks don't want that crap.  osreinstall | 11/07/06
So.......  PottHead | 11/07/06
It depends  NonZealot | 11/07/06
Here's the thing  Shelendrea | 11/07/06
Its even worse than that  NonZealot | 11/07/06
Definitions.  enduser_z | 11/07/06
I would not get too concerned.  osreinstall | 11/07/06
Just to push your buttons  zkiwi | 11/07/06
It really isn't a big deal.  osreinstall | 11/07/06
Ah well  zkiwi | 11/07/06
Like you do? As if it is going to change anything if you do care.  osreinstall | 11/07/06
Actually  zkiwi | 11/07/06
It will not matter one iota  osreinstall | 11/07/06
How would you suggest...  mharr | 11/08/06
Best way  slow_descent | 11/07/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

Meet Doc