|
I don't know about others but IMO ActiveX is bad for two main reasons: 1. Like you mentioned, it is only available on the Windows platform, specifically to the IE browser. 2. As someone else mentioned yesterday, it allows code to execute on your PC. As to point one, unless Vista's draconian DRM is toned down a lot I've little intention of using it so my home machines will stay at Windows 2000 and XP. Any upgrades will be to Linux, which means no ActiveX support. Any online vendor who wants some of the thousands of dollars per year I year spend online will not require ActiveX. Point two, this means that ActiveX can be a distribution method for malware (viruses and whatnot). An AX component can write to your hard drive, which means it can not only populate your system with malware but could be malware itself. You now have some ability to block AX -- either all or nothing or based on limited criteria -- but the onus is on the end user to know what they're doing and we all know how effectively that works. Go to http://isc.sans.org/ and search for ActiveX to see a list of Windows vulnerabilities that AX plays a part in. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5559 was disclosed just this past October and can potentially allow an attacker's code to execute (the more benign impact is a DoS/IE crash). There is no fix but there are two workarounds: Either disable AX or use RegEdit (again, not something users should be expected to do) to disable a specific function.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
