ActiveX. ActiveX
is Microsoft's framework for making Windows type appplications available through
a Web browser. With an ActiveX enabled browser you can embed applications in a
Web page much like you would embed a Java applet (in fact, you can embed a Java
Applet using ActiveX). A good example is Microsoft's Powerpoint Animation
Player for ActiveX, a plug-in that allows web browsers to present powerpoint
presentations over the Web with the same quality of the original presentation.
There is still ongoing debate about the security of ActiveX
controls. An ActiveX control is essientially a Windows program that runs on a
Web page, so, in theory, it is possible to write an ActiveX control to do
things like reformat a drive, scan for private files on your hard drive, etc.
The famous Windows Exploder is an example of the dangerous potential of an ActiveX
control. If you load Exploder from a Web browser, it will automatically shut
down your computer in 10 seconds. Normally, nothing simply viewed in a browser
should have the permissions to do something of this nature (even viruses you
must download before they start to be harmful.
To curtail some of the danger inherient with the technology,
you should always make sure that an ActiveX control is signed. Your Web browser
should automatically detect whether an ActiveX control has been signed. This
simply means that it has been registered with a corporation such as VeriSign
and that the person who registered it is stating that it doesn't have any nasty
side-effects. Of course, this isn't a full proof security method either. The
best advice: Don't launch just any ActiveX control. Also, you can set up your
browser to be very discriminating about what it will launch. See your browser's
security section for specifics.
No comments:
Post a Comment