Comments on: Yes, ActiveX is Secure http://www.ensight.org/2005/02/yes-activex-is-secure/ A Personal Blog Mon, 07 May 2012 18:40:32 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: hellking http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5342 hellking Tue, 01 Mar 2005 06:24:09 +0000 /?p=1785#comment-5342 I don't thinks Activex is secure. I don’t thinks Activex is secure.

]]> By: VOD http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5341 VOD Tue, 01 Mar 2005 06:21:45 +0000 /?p=1785#comment-5341 <a href="http://www.kundahua.com/" rel="nofollow">VOD</a> VOD

]]> By: Elliott Back http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5340 Elliott Back Sun, 20 Feb 2005 20:56:27 +0000 /?p=1785#comment-5340 Oh--and your Northern Voice button is quite dead, for some reason. I get 404. Oh–and your Northern Voice button is quite dead, for some reason. I get 404.

]]> By: Elliott Back http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5339 Elliott Back Sun, 20 Feb 2005 20:55:25 +0000 /?p=1785#comment-5339 <blockquote>"Anytime remote code can be executed locally, there will be no such thing as 'secure'"</blockquote> Really? What about java applets? They run on a virtual machine, are bytecode verified, and restricted by strong security parameters. They can't write to files on your disk without complicated permissions, etc. There are plenty of ways to secure remote code for local use...

“Anytime remote code can be executed locally, there will be no such thing as ‘secure’”

Really? What about java applets? They run on a virtual machine, are bytecode verified, and restricted by strong security parameters. They can’t write to files on your disk without complicated permissions, etc. There are plenty of ways to secure remote code for local use…

]]> By: Tom http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5338 Tom Sat, 19 Feb 2005 15:42:21 +0000 /?p=1785#comment-5338 So you're a security expert now? So you’re a security expert now?

]]> By: Nathan Wong http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5337 Nathan Wong Fri, 18 Feb 2005 01:44:40 +0000 /?p=1785#comment-5337 Yeah, XUL has absolutely no "Are you sure you want to view this?" message or anything - and no security. Neil is 100% correct, it's exactly like HTML. As for extensions - yeah, they need white listing, which is nice. Still, XUL is easily used for phising, though that might not be the point we're talking about. Yeah, XUL has absolutely no “Are you sure you want to view this?” message or anything – and no security. Neil is 100% correct, it’s exactly like HTML. As for extensions – yeah, they need white listing, which is nice. Still, XUL is easily used for phising, though that might not be the point we’re talking about.

]]> By: Neil http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5336 Neil Thu, 17 Feb 2005 15:27:26 +0000 /?p=1785#comment-5336 XUL has exactly the same security model as HTML. You may be confused with extensions or other installable components. Even then, I'm not sure what security model you're expecting those components to have. XUL has exactly the same security model as HTML. You may be confused with extensions or other installable components. Even then, I’m not sure what security model you’re expecting those components to have.

]]> By: Vinnie Garcia http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5335 Vinnie Garcia Thu, 17 Feb 2005 02:31:53 +0000 /?p=1785#comment-5335 "as does FireFox’s plugin architecture (ditto). " If you mean extensions, then those are only allowed to be run from whitelisted sites. By default, only update.mozilla.org is whitelisted. Otherwise, if some site tries to install a firefox extension you get the yellow information bar and no other prompt. If you actually want the extension you have to go in and specifically allow that site. “as does FireFox’s plugin architecture (ditto). ”

If you mean extensions, then those are only allowed to be run from whitelisted sites. By default, only update.mozilla.org is whitelisted. Otherwise, if some site tries to install a firefox extension you get the yellow information bar and no other prompt. If you actually want the extension you have to go in and specifically allow that site.

]]> By: G http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5334 G Thu, 17 Feb 2005 01:59:43 +0000 /?p=1785#comment-5334 Well, ActiveX is fast becoming a blacklist item. Many ad networks won't allow their ads on pages with ActiveX of any kind. Well, ActiveX is fast becoming a blacklist item. Many ad networks won’t allow their ads on pages with ActiveX of any kind.

]]> By: Nathan Wong http://www.ensight.org/2005/02/yes-activex-is-secure/#comment-5333 Nathan Wong Thu, 17 Feb 2005 01:30:39 +0000 /?p=1785#comment-5333 Of course it is. As you put it, it's no less secure than XUL. Of course it is. As you put it, it’s no less secure than XUL.

]]>