Chris Hill wrote: > Subject: > > Re: New Features Wanted > From: > > [EMAIL PROTECTED] (Chris Hill) > Date: > > Tue, 27 Nov 2001 06:27:18 GMT > > Newsgroups: > > netscape.public.mozilla.wishlist,netscape.public.mozilla.general > > >On 27 Nov 2001 05:26:40 GMT, DeMoN LaG <n@a> wrote: > >>>[EMAIL PROTECTED] (Chris Hill) wrote in >>>[EMAIL PROTECTED]">news:[EMAIL PROTECTED], on 27 Nov 2001: >> >>>>>>>They are as secure as fort knox compared to Active X >>>>>>> >>>> >>>>> >>>>> Please explain >>> >>> >>>I've never seen a malicious Netscape plugin (even when Netscape had 80%+ >>>marketshare). I've seen dozens of malicious active X scripts. IE in >>>general is too insecure and gives out too much information about my >>>system. For instance, BrowserSpy: http://www.gemal.dk/browserspy/ >> > >The lack of malicious Netscape plugins is probably due to the limted >use and limited features of a mechanism to install a plugin easily >without restarting the browser (historically -- I think this has since >been addressed). Another factor is that there are fewer Netscape >plugins than ActiveX controls. This means fewer chances of a poorly >writen plugin that permits access. > >The policies of IE do not mean that ActiveX model is less secure than >the plugin model. > >Also, there are probably many badly written ActiveX controls (some >already installed on a user's system) that allow far more access to >the system than should be possible. This means that by default, all >ActiveX controls on the system should be blacklisted unless the user >grants permission (with an extreme warning). > >If the list of ActiveX controls available to a theoretical >implementation resembled the list of plugins available to the typical >Netscape installation (Flash, Acrobat, QuickTime), I think there would >be far less cause for concern. > >>>I don't think any web site needs to know anything about my Direct X >>>version. This should not be made available through my browser. I don't >>>think anything involving the MS AFC should be available via my browser. >> > >I agree, unless of course the web site is using DirectX via an ActiveX >control (or plugin). > >If the code is native (like a plugin) it can do anything that a >program on your computer can. Once it is running, it has full >control. > >>>Component information: I don't like how it's possible to see what >>>version of the help engine I have installed, or what version of Media >>>player is available. A new exploit was just found involving media >>>player, and this lets people target me for attack. >> > >I agree. However, if a Netscape plugin exposed version information >via scripting interfaces the same issue would exist. > >>>Java and Netscape's plugins don't get access to the rest of the system, >>>in general. I remember Heat.net's plugin installer was a Java applet, >>>before it could do anything I was prompted a huge security alert saying >>>"Install software on machine - HIGH RISK". I don't get that secure >>>feeling with IE. IE is just too leaky for my tastes >> > >Netscape plugins DO get access to the entire system once installed. > >Java applets get restricted access to the system (unless the applet is >signed and the user grants permission). > >You are talking about IE, not ActiveX. > >Chris Hill >[EMAIL PROTECTED] > ActiveX is the problem - and actually, there are a lot more Netscape style plugins on the internet than ActiveX.
The main problem is the ActiveX architecture allows the applets too much access to your system - for instance, there was one applet that ejected your CD-ROM, popped up a message saying something along the lines of "here's your coffee holder" and shut down your computer. Netscape plugins were limited to browser functionality, they were never given root access to your computer's resources - same with Java. That being said, ActiveX could do some really cool things, and having the functionality locally is a good thing, but allowing it on the internet and access to it through a web browser was a really, really dumb thing to do. Patrick
