In <003701bfb920$46b74090$[EMAIL PROTECTED]>, Dave Watts
([EMAIL PROTECTED]) in a fit of unbridled passion, wrote:
> > There are several "browser applications" (for lack of a better name)
> > available for that require IE 4 or IE 5 on a win platform.
> >
> > One of these is eWebEditPro available in the tag gallery at:
> >
> > http://www2.allaire.com/developer/gallery/index.cfm?ObjectID=1
> > 2741&nocache=yes
> >
> > I don't mean to single this one out, only use it as an example to
> > illustrate the application.
> > (My CF host, zanova, provides a similar application called iEdit).
> ...
> > You can do the same thing with Java.... but these solutions
> > are usually browser & platform independent... they don't require
> > windows & IE
> >
> > I guess my concerns/questions are:
> >
> > Why do they require Windows & IE?
> >
> > Why do they require the versions of the browsers that are
> > integrated into the OS?
> >
> > Are they using OS or browser features (not available to Java)?
> >
> > Does this provide a path to the OS, through the browser,
> > that is an open invitation to hackers & viruses?
>
> We actually have a better name for them: ActiveX controls. That's in fact
> what they are. ActiveX is a standard that allows Windows clients using IE to
> download and install relatively small programs, which then act just like any
> other installed programs. ActiveX programs are much more powerful and more
> efficient than client-side Java applets, because they're native code and
> they're installed on the user's computer; Java applets have to run with
> relatively limited capabilities, and they aren't installed (generally) on
> the user's computer.
>
> ActiveX controls present serious security problems, just like you face with
> any other program that you install on your computer. An ActiveX control will
> be able to do anything that that user is allowed to do - delete files, etc.
> The answer to this is to only install trusted programs, but of course that
> requires that users be competent in judging what's to be trusted. In large
> corporate environments, IE clients can be configured to have lists of
> trusted sites, but it's hard to make a machine completely safe from a user
> determined to install a piece of software. The component does have to be
> installed, though; it can't just install itself, the user has to give
> permission and the user has to possess the right to install software on the
> machine, which is a given on Win95/98, but not necessarily the case in
> NT/2K.
When is Microsoft going to be held accountable for their blatant
security holes in their OS? This sh*t gets annoying after awhile.
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
