“Opinion: ActiveX gets a bad rap as the cause of all of Internet Explorer's security woes. But it's just not so.…
Old myths die hard! There's no doubt that Internet Explorer has more than it's fair share of security holes, but very few of them have to do with ActiveX. Seriously, of the perhaps hundreds of vulnerabilities of any import reported in Internet Explorer over the years, I bet you could count on two hands the number related to ActiveX.
As with programs that have nothing to do with ActiveX, the really serious bugs in Internet Explorer have been due to insufficient input validation between security zones or traditional buffer overflows. These are the staples of the vulnerability research business, and Mozilla and Firefox—and let's not forget Opera—have had their share of these, too.
While there has been a striking lack of actual evidence that ActiveX is unsafe, there has been no shortage of baseless assertions and cheap shots against it.
Let's review: What exactly is ActiveX and what does it do that's supposedly so dangerous? ActiveX controls are packages of code that can run in the context of the browser. They are installable through a link on a Web page. Exactly how different is this from having a link to an executable file that you have to explicitly run? Essentially not at all, except that the ActiveX version is more convenient. Even with Firefox you can download and run an executable file. Does this make Firefox unsafe? In fact, Mozilla and Firefox's support for XPCOM, a plain text and platform-independent software model, is very comparable to ActiveX once you get the user to click "Yes."
The complaint against ActiveX has always centered around the ability to install native code from across the Internet, but this is less unusual than it seems, and ActiveX arguably makes things more secure. When you encounter an object tag referencing a control that you do not have installed, you then have the opportunity to install it. Under the default security settings, you will be warned before this happens and given an opportunity to approve or reject the installation. There's more.
Sun actually paid someone to write a malicious ActiveX control. I was there at JavaOne when they demonstrated it (I think it was 1997). The test system brought up all the warning dialogs about the program that you usually get and the Sun employee actually had the nerve to keep whacking on the enter key quickly so they would close as quickly as possible and didn't mention that there were any such warnings.
From the very beginning, ActiveX has supported digital signatures of the code, and the user gets a chance to inspect the signature. The point of the signature is not to prove that the program is safe or honest, but that the authors of the program are who they claim to be. In a way this has been a failure because it needs to be easier to follow all the signature information provided by ActiveX to understand exactly what it proves. But the information is there for whoever wants to confirm it.…”
http://www.eweek.com/article2/0,1759,1785769,00.asp
Posts
No comments:
Post a Comment