Slashdot Mirror
Konqueror Supporting ActiveX
brunes69 notes that you can read the news that konqueror is supporting ActiveX. I saw it being done at at LinuxTag (as well as wine running The Sims!) so its coming. This ought to do a lot to give Linux users compatibility on sites the force shockwave or other obnoxious activex plug-ins.
DATELINE JULY 9, 2001
FOR IMMEDIATE RELEASE
KDE Web Browser Konqueror Gets Activ(eX)atedKonqueror Embraces ActiveX, Plays Shockwave Movies
July 9, 2001 (The INTERNET). Nikolas Zimmermann and Malte Starostik today announced the availability of reaktivate for Konqueror, KDE's web browser. Reaktivate enables Konqueror to embed ActiveX controls, such as the popular Shockwave movies, for which no native Linux/Unix solution exists. Reaktivate relies on the WINE libraries to load and run ActiveX controls.
With this addition, Konqueror now enables KDE users to take optimal advantage of sophisticated websites that make use of Microsoft Internet Explorer plugins, Netscape Communicator plugins for Linux and Java applets, as well as KDE plugins designed using KDE's KParts technology.
According to Malte, the reason he and Nikolas implemented reaktivate is rather simple: it broadens the spectrum of web sites accessible to Konqueror, and it was possible.
Successes and Limitations
Theoretically, Reaktivate can eventually be used to embed any ActiveX control into Konqueror. Currently, however, not all ActiveX controls are compatible with reaktivate. In particular, the Microsoft Windows Media Player cannot be installed using reaktivate (though it is not known if a player which is already installed will work with reaktivate). Thus it is likely there exist other ActiveX controls which will not yet work with reaktivate. Work is ongoing to increase compatability with other ActiveX controls, including the Apple QuickTime plugin.
So far, however, reaktivate has been successfully tested with the following ActiveX controls:
Note on Security
Install ActiveX controls only from sites that you trust. Microsoft's ActiveX technology has often been criticized for weak security. Those controls are dynamic libraries that are executed exactly like any other piece of code installed on the user's system. This means they have full access to the file system, the system registry etc. As a means to establish the users' trust in the controls a web site wishes to install, every ActiveX control is cryptographically signed and carries a certificate issued by an authority known to the web browser (like VeriSign). A control that has no signature or no certificate or if they are invalid will not be installed.
With reaktivate the situation is similar: the installed controls can call every WinAPI function provided by the WINE libraries and therefore have access to WINE's registry and all files visible to the WINE installation. The current implementation of reaktivate will ask the user for confirmation to install a new control, but it will not check the embedded certificate and signature. This is due to technical reasons as well as limited time. Therefore we strongly advise to install controls only from sites that you trust. To save your files from malicious controls, you might also consider using this feature only from a seperate user account that has no access to your main user's files. Reaktivate will not run from the root account.
Installing ReaktivateSource code for reaktivate is freely available under a Free, Open Source license from the kdenonbeta module in KDE's CVS repository and its mirrors. See the KDE website for information about how to get a module from CVS. You only need the toplevel, admin and reaktivate directories from kdenonbeta. Before compiling, get the latest CVS version of WINE (a snapshot will likely not be new enough). Next, apply all patches from reaktivate/patches-for-wine/ against the WINE sources and build/install WINE. Finally, you can build and install reaktivate.
Disclaimer: reaktivate is not in any manner sponsored or endorsed by, affiliated with, or otherwise related to, Microsoft Corporation.
Thanks to Andreas "Dre" Pour and Navindra Umanee for assisting in drafting this release.
You confuse between Flash and Shockwave - many people do - specially since Macromedia called it Shockwave flash, but they are 2 creates with some similarities - but they target different world each..
Example - Shockwave can do 3D (using hardware renderer or software one - depends on your DirectX [on Reactivate it will be probably running with OpenGL thanks to the WineX team]). Flash - not
There are 2 different players - Flash 5 (which is available to all popular OS's and then there is Shockwave 8.5 - which is only available under Windows and Mac (and now soon - anything that can run Wine)..
Hetz (Heunique)
Plenty of "run of the mill" plug-ins can be delivered via ActiveX. When I installed Windows ME on my new PC, I hadn't been browsing (using MSIE) for half an hour before it offered to install the Macromedia Flash player for me - courtesy of an ActiveX control.
> We spend more time trying to get Microsoft-
> supported games to run on Linux than we do
> writing games for Linux.
We? Who is this "We" you're talking about? Do you personally spend lots of time trying to get Microsoft-supported games to work on Linux? I sure don't.
Maybe you should replace the word "We" with "a large number of people who are writing applications that they find useful and sharing them for free out of the goodness of their hearts." Then, your post will make perfect sense.
--JRZ
...but what's the big deal about ActiveX support? Other than some web-sites that are strictly internal to the companies I've worked for, I've not been anywhere I *HAD* to have ActiveX.
I thought it was already dead as a general use technology.
-- I wanna decide who lives and who dies - Crow T. Robot, MST3K
Just keep in mind all the security flaws that ActiveX is known for. If you read the info, it recommends running it under a separate user ID than your usual one, to protect your files.
Mind you, at the end of the day I am convinced that 90% of Linux users (and /. readers) complain about OS monopolies whilst not giving a damn about a potential platform monopoly. So perhaps it doesn't matter anyway.
I'm personally a little tired of hearing about security risks relating to ActiveX. There has been a lot of news of security problems related to ActiveX, but those problems have been the fault of IE's implementation of it. Not the technology's itself.
I like to relate ActiveX to a gun. When used properly it can be a great tool. When used improperly it can be very dangerous. ActiveX is actually quite useful and when implemented properly is just as safe as any other peice of software. Saying that ActiveX itself is a huge security risk is like saying that the domain name system is a huge security risk because bind has been known to have a lot of security holes.
And for those who think "well it's just another crap m$ technology to try and replace better, already existing technologies" the only thing I have to say is that ActiveX (like almost all MS 'innovations') was actually developed by a smaller company that was assimilated by MS. MS didn't create it themselves so stop saying ActiveX sucks just because it tends to be associated with MS.
--
Garett
Ok, can anyone pull, of the top of their head, a site that still uses ActiveX components over Java, Flash, ?
I'm going to go back in my box and will think within the limits of my box: MS Sucks Linux Good I read too much Slashdot.
Why is it so hard to understand that this is a useful feature and helpful to establishing this OS as a useable alternative?
Of course Linux users don't like the idea of ActiveX sites. We realize that ActiveX limits us to a Microsoft OS and certain hardware. But, these developers realize that a Windows user who feels restricted by using a Linux OS isn't going to switch to it. How many Linux users run a dual-boot or second Windows machine for games? I run Windows on my main machine because I don't have an alternative for some applications I consider important. I use Linux for everything else that I possibly can.
As long as we have developers creating alternatives, we attract more users and increase the number of Linux machines. The developers here should be commended.
This is good news. I'm not a K user, but this still affects the entire linux community, and I think it's a good thing. Inter-operability with other OSs and applications is what makes linux immediately superior to other OSs :)
:)
The problem with supporting these "windows only" plugins is that web developers are STILL filtering their sites based on OS and browser string. Even though my browser (galeon) is perfectly able to display http://www.shockwave.com, I go there and get a "platform not supported" message for EVERY FSCKING PAGE on their site. Someone in the office managed to get in with either Konq or Opera by changing the os and browser string to windows/ie5, but this is not a valid option in my opinion.
Even if galeon or konq suddenly had the ability to view shockwave files, they would still not be allowed into the site, as on every page there is a browser/os check. Now I know this is not true for all sites, or perhaps even a majority of them, but it is something that affects non-windows and non-IE users every day, and I have no idea how to fix it.
Web designers have it in their ability without doing much. A friend of mine supports all OSs and browsers on his site even though it has heavy use of CSS and all the "new" tricks. He could write a huge amount of java script and multiple pages to display different things based on the browser, but he simply supports HTML4 (which is fine for ie, mozilla, galeon, ns6, etc) and strips all CSS for others. So while netscape 4.x doesn't look as pretty, the information is all there.
Even though I give him shit for not taking the time to support a still prominent browser (ns 4.x), I applaud him for not putting a big "you suck, get a new browser and use windows and ie" sign up for all non ie5 users.
I guess the trick is getting the web developers the information that non IE browsers DO support the latest standards and look just dandy.
Oh, and shockwave.com... you suck
Before people start flaming about security:
This is only a developer's release, not ready for KDE Prime Time, and the security issues are already being considered. There are several options existing to protect Unix users including proper use of non-priviledged accounts (perhaps by setuid'ing reaktivate to nobody), chroot, sandboxes... etc. And after all this, KDE will probably still not enable ActiveX by default on any system. Remember, Konqueror does not even enable Java or JavaScript by default yet.
As for the usefulness of ActiveX in KDE, one of the main purposes of the developers is to help companies with an investment in ActiveX controls (perhaps on their internal sites or intranet) to migrate over to KDE systems. As a plus, of course, us users may get to enjoy Shockwave and QuickTime for which no free software solution is in sight.
So celebrate this for what this is: A rewly hack validating the KDE and WINE technologies that the Free Software wourld has brought us.
Cheers,
-N.
> Should we be developing substitutes or alternatives for ActiveX instead of trying to recreate it?
Who is this "we" you speak of? Are you doing any development for any open source project? Specifically, are you working on Wine? If not, then it is not your "we" to consider. Obviously, the people working on this find it worthwhile. If you feel that other projects should be worked on, then devote your effort to those. The developer effort of the Wine project is not your's to command.
> Get your priorities straight: Linux ought to be an alternative, not a poor imitation.
Those are *your* priorities. They happen to be mine as well, but that isn't the point. Developers have their own goals, so you shouldn't expect them to work toward *your's* instead.
In particular, I think Miguel is overly fond of copying Microsoft. It's not how I would develop Gnome, but I'm not the one doing it...Miguel and the others are, and they will do it how they see fit. But you and I have no authority over them, so they will continue to develop as they please.
--Lenny
Both developments has their good and bad sides.
ActiveX support can be very important in multi-OS work environments and for many on-line banking sites, for example.
On the other hand, sandboxing it and turning it off by default doesn't sound like a bad idea. But don't worry, as long as this requires Wine CVS and as long as the activexproxy is a program in kdenonbeta, it won't be installed by default on your distribution.
Same with the new Ximian developments: embracing and cooperating with SOAP sounds like a good idea.
I _would_ be very careful about .NET development since it is basically Microsoft's proprietary lock-in platform to make sure SOAP will give them _more_ control, not _less_, but cooperation is good. Even so, it is not like we KDE people are totally against SOAP support, some projects already use it.
Furthermore, I like to stress that ActiveX support originated as a proof-of-concept and "cool factor" development. The responses we received at LinuxTag confirmed this.
...I can deactivate ActiveX support under Linux, too. Great!
God, root, what is difference? - Pitr
Well, there's another, more important, piece of work going on according to the article. They're trying to get QuickTime working as well! This is much more important than (bad, security flawed) activeX. Being able to watch movie trailers, streaming media from more sources, etc. is much more fun and useful than shockwave.
Wine is good, but I can't get it to run QuickTime, though I try with every revision. I can reliably get Windows Media Player to run under Wine, but that's not good enough. This is one place where Linux sucks; we'll never get decent streaming multimedia support (Real doesn't cut it!) until someone licenses the codecs and releases a product (which will cause all the GPL freaks to scream because they'll want to charge for it; you may think I'm flaming, but every damn time I read something about good comercial software here, most people just complain that it's not free!).
---------The early bird gets the worm, but the second mouse gets the cheese.
Konqueror is getting support for The Force? Sweet! Or is it just Force-compatible? Sigh... I was so looking forward to saying,
to Internet Explorer... .
There is one thing that isn't to clear in the press releases: As Wine is i386 only, the support for activeX is of course only available for KDE running on Intel I386 architechture.
A journey of a thousand miles starts with a brutal anal raping at airport security
What's next, are they going to port the BSOD to be some daemon that runs and randomly crashes the system to be more compatible with Windows?
Mas vale cholo, que mal acompañado.
Why is KDE relying on ActiveX? Shouldn't we be developing a better technology instead of using Micro$oft's?
Leaving aside the question of who the "we" is who is always invoked in such remarks, this is a clever, useful hack by a couple of developers that's in kdenonbeta. No one is proposing to build KDE around ActiveX, no one is telling companies to stop making native plugins and it's not like a significant drain on resources went into making it.
Isn't this a huge security risk?
On the KDE site's discussion, Malte mentioned they were working on a chroot-based sandboxing method. This is still a work in progress and they tell you not to use it on sites you don't trust. And for God's sake, don't run it as root!! It's not going into the 2.2 release and anyone who is capable of installing it today ought to have the sense to run it carefully.
Unsettling MOTD at my ISP.