On Mon, Oct 10, 2011 at 21:01, Ben Scott <[email protected]> wrote: <snip> > Now, > I regard ActiveX as a really bad idea to begin with -- allowing a web > page to push binary executables to my PC is *not* a good idea, IMO,
Java, too. > and I think history would support me on this one -- but if you're > going to allow it, you need something a bit better than just requiring > a bit of crypto thrown at it. More reasonable would be denying > install to anything but Trusted Sites. If the user can't type the > site name that's a fair bet they shouldn't be installing it, one way > or the other. There are a number of other things, too, such as the > ability to run an EXE from the web in two clicks, or allowing scripts > to manipulate the browser window (Firefox does that too, I might add). Allowing anything running in a browser to write to disk or touch other running programs or other hardware is poor design, IMHO. But I'm a paranoid freak, and don't like computers, so what do I know... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
