Slashdot Mirror
Brian Hook on the ActiveX Experience
Obiwan Kenobi writes "Brian Hook of id software fame got around to developing on ActiveX and found some minor grievances, particularly in the security department. To quote: "I've been doing some ActiveX coding on the side for a couple days, stuff I'm not familiar with, and I'm just flat out _appalled_ at how bad that entire API and design is. I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page.""
I wonder if anybody knew that before... LOL.
Loading...
I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page
Please. DO IT NOW. Thanks.
Free XBox, PS2
what rock has he been under all these years?
AZTEK
Well, that would eliminate the problem of people not knowing how to format their hard drive
Wow, this is old information. We all know ActiveX isn't good at all with security. So an id programmer learns the dangers of ActiveX. What next?
I'm not sure I want to follow that link...
Ooh, a sarcasm detector. Oh, that's a real useful invention.
Regards,
Sergio Hernando
Does he mean the settings low enough to actually use it on the internet?
Why not just create a "zone" hopper, then he doesn't have to worry about your settings. Better yet, just use one of the existing ones.
A computer once beat me at chess, but it was no match for me at kick boxing. Emo Philips
Firt po...
Formatting C: 5% Complete
Can you send a link?
...to point out potential issues in .Net. Even MS is no longer pushing ActiveX/COM. They are rewriting that trash out of their architectures as fast as they can. Maybe .Net doesn't come off as bad as COM, so can't be used to ridicule MS.
I guess it's surprising brian hook is interested in anything to do with web design, an activex intrest is even more odd.
:)
ActiveX is an aweful problem, I guess the only reason IE users are as safe as they are is the level of integrity in many website (better than we have thought in the past maybe...)
Btw, thanks for the FP editors
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Now why doesn't he code an OCX that will not only format your hard drive but also install your favorite OS?
I think he's more famous for creating glide when he was at 3DFX
This is news? This is one of the main reasons people choose ActiveX.. full access to hardware ( and everything else ) w/o any security issues.
So ActiveX is bad? Interesting news!!
And a posting on Slashdot says a Microsoft thing in bad. Amazing!!!
But it's Microsoft technology and they are very careful. This person is obviously an open source zealot and should be sued!
I hope virus writers won't find out about this!
-------
Warning: Slashdot may contain traces of nuts.
That is, more ammo to use when telling people to get off of MSIE. The prospect of having a webpage completely wipe their hard drives clean is something that should scare even the most lackidaisical of users.
What if the hokey-pokey really is what it's all about?
I shutter at the thought of running any code that I (or at least someone else) has not inspected. Just another reason to use Firefox and other opensource software.
Slashdot = ((Technology + Politics) / Trolls) % Grammar Nazis
Setup www.formatmyharddrive.com. Online hard drive formatting, done in minutes, only $5.
I don't.. see a problem here..
I think this could be considered as a proof of how ActiveX was vapor-designed by Microsoft to compete with original Netscape's plugins.
1. Examine more or less how competition works
2. Quick! Make a prototype and flat-out obvious bugs
(Missing step: redesign well taking into account security considerations)
3. Overhype
4. Profit!
So now we're stuck with an obsolete plugin model, which Microsoft neglects to fix because this would break backwards compatibility.
THE END.
Whoever mod'd that down to -1 as Offtopic didn't read it properly
I thought that aside from the VeriSign problems, it's a pretty good system. It sure is easy for people to use.
But now, with the various security problems, the only thing I can recommend is giving people instructions to download and install things on their computer. And so that makes it important to have simple installers.
I'd say that once again, Apple is doing best in this area.
So, ActiveX is unsafe? Congratulations on noticing something everyone has known for eons. Even users are figuring it out, and IE is configured to require them to agree to installing controls. Sure, it's a lousy design (why should anyone think users are smart enough to figure out what controls are safe?) but it's not news.
Sigs? Sigs? We don't need no steenkin' sigs.
It's a feature not a bug. Suppose that was the intention of the programmer?
:-)
i.e Click 'here' to format your hardrive
But seriously... by obeying the security settings on both the server and client, then theoretically nothing 'unexpected' should happend as a result of visiting a web page.
I know alot of people who don't know how to format their harddrive.
Now I'll just have to point them to a webpage.
it would have been less damaging to take up chain smoking, or bear kunckle fighting.
Fighting bears has too many animal cruelty issues. Bare knuckle brawling, I suppose, would be a preferable option to fun with ActiveX.
Gosh, I remember talking about this stuff around 1996. Never saw the widespread abuse that we were predicting back then.
'Same speed C but faster'
I'm really finding it hard to give this guy any credibility at all. First off, none of the issues he cites are in any way new, these problems are old hat. But then to get all nit picky about the details of these issues by professing things like 'I don't use ATL, I write my ActiveX in MFC.' Shit, I don't even know where to begin. The guys just now digging into ActiveX and has decided flat out that MFC is the way to do it? Strike 1, and strike 2. Not immediately dropping it and moving on to something more suitable, you're out man.
I'm dumbfounded by this.
And editors, you're not helping any by posting stories like this. It's all too obvious that this article was posted because it fits the anti-MS slant quite well. That's all fine and good, but this article brings absolutely NOTHING to the table except another excuse to bash MS and an OLD MS technology.
No Comment.
Active X was never meant to be completely secure. It was designed to be faster and more powerful then Java. And it is that, faster because all the code runs natively with no virtual machine, and more powerful because all those annoying security designed are non existent. That is why it is so widely used. And that is why IE systems are full of spyware, that are spamming everyone! But during this time in the late 90s. IT wasn't thinking of security. And why should they. Hacker only came in on non firewalled systems. Downloading an untrusted active X control is just like downloading any other program be it a trogon or a virus, these usually worst case just messed up your files or in nasty cases put bad sectors on your disk (But I think that is an urban myth, I haven't studied virus that much to know for sure). So that was a user error. And with Windows 95 and 98 as a primary OS they already had access for mess up the drive from the system anyways. So while a lot of people were going THINK OF SECURITY MAN! They just go well it is faster then java plus I easily save files to the disk. I am using this.
The move to a strong security model just started to really happen by the year 2000 when common people started getting high-speed internet access at less cost then the companies are paying for their T1 lines. Then they started clamoring to make everything secure but because they laid off the bulk of their IT employees they became under manned to fight security. So it is now a long slow process of building up IT security.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Looks like Brian Hook is getting seduced by the dark side of the force.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
even WIDESPREAD coverage that the site is LETHAL to a computer wouldn't keep people from visiting it. When the "I Love You" virus hit a while back, we actually had users open the e-mail "just to make sure" it wasn't really someone sending them a love letter (like they EVER got them before and would SUDDENLY begin to, entirely by coincidence, right then...)
Like the man said about tsunami alerts in the United States: "There's still a large segment of the population that would go get their kids out of school so they could drive to the beach and watch the big waves..."
This space intentionally left (almost) blank.
Well, don't worry everyone, I am sure that ActiveX isn't nearly as bad as Brian described it... after all, it's just another fine Microsoft product. Plus, since it's closed source, none of those mean nasty hackers will be able to open it up and use it to blow up your computer....right? What, you mean that isn't true?!? Closed source is insecure?!? And Bill Gates isn't a supporter of free net culture deep down inside?
:)
The truth can be a bitter pill to swallow...
NOTE: If you don't know about goatse, don't look it up. It was never funny and it'll turn your stomache.
The CB App. What's your 20?
If only the media could understand the magnitude of how completely frakked this OS design is in Windows, our government would start using systems less likely to be compromised during hostile acts against the US and its population.
Not that any OS that doesn't use ActiveX is perfect...nothing is. But allowing the OS to be commanded through something as commonplace as a Web page or email is just ASKING for it.
"No networked computers on my ship," says Adama in the new Galactica series. That point saves their asses from the other ships of the fleet, whose computers were rooted by the Cylons and quickly destroyed because of over-integration.
Sure, it's fiction. But fiction has a grain of fact in it to make it real.
Vos teneo officium eram periculosus ut vos recipero is.
...but it should be repeated until everyone has heard it loud and clear. ActiveX is dangerous.
You click it first.
- Sco claims ownership of linux source code!
- Apple has released new products!
- DVD CSS encryption has been broken!
- RIAA threatened by P2P networks!
- Darth Vader is Lukes Father!
- BSD is dying!
Its good to keep up to date on all the latest news.
air and light and time and space
Is this news? Just curious :)
-== FeriCyde Chat ==-
There are some major changes that need to be made for these technologies, such as activeX... and really any langauge that has a lot of hign-end "features" (possibly as flash, java, javascript and any other langauge that gives a big range of commands/calls that can be applied to your computer... such as formatting your hard drive). something needs to be done... some sort of agreed upon framework.
||| I still can't believe Parkay's not butter.
Ok I don't like activex as much as the next guy but this is:
1: Old news
2: Noone cares (see 1)
Its looking for a story thats not there. Any system can be easily compromised if "security levels are set low". The point is ActiveX is "out the box secure" - that is... unsigned code is not allowed to run.
"I've been doing some ActiveX coding on the side for a couple days," WOW...HOW EXPERIENCE you are.....oh my
In a word bullshit..
Ie done ActiveX programming on and off for 6 years now, and while there are theings to be desired in the model, I can tell you you can create some pretty cool stuff in a short time.
He'd never lie to us, would he?
See what I've been reading.
But, wait...don't we all know this already? Been there, done that. Here's something new to bitch about:
Standardization of acronyms: according to The Acronym Finder, PDA has 70 meanings. Discuss...
You IE users might want to check your security settings before you RTFA...
I misread that. I thought it said "Brain Hook, The ActiveX Experience" and I thought... wow, that's a whole new level of "integration" for Microsoft. They must have finally managed to fuse ActiveX and cocaine...
-ac
You would think that with all of these grievences and new patches turning off Active X by default that this should start the death of Active X all together.
Why is it still being used? what are the other choices?
as with all windows BUGZ, this is called an enhancement, or a feature. Nothing like a wiped harddrive to get you thinking about linux.
=)
to not know that about ActiveX. This guy has "fame"?
Arbitrary sig
I need to format my hard drive but the sys-admin here wont let me. Just kidding im the admin :-)
Like the man said about tsunami alerts in the United States: "There's still a large segment of the population that would go get their kids out of school so they could drive to the beach and watch the big waves..."
Those who still do not believe in natural selection raise their hands. No-one? Didn't think so.
Black holes are where God divided by zero
Obviously he's planning to take on Wild Tangent.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
That's it exactly.
To put it another way, if you change a single setting in a single program (IE) any web page can zap your system. To make your *nix box as insecure, you have to change the file permissions for every single file on the system.
IE is a single point of failure. That's what makes the comparison invalid. You'd have to go out of your way to screw up a *nix box that bad.
Weaselmancer
rediculous.
Yah... well I've written java applets and run DHTML scripts that will do the same thing. The moral of the story is, if your IE security settings are so low, you probably don't care what gets installed on your computer. There are a million ways to jack up a system off the internet... and only a couple of little things you have to do to put up a pretty effective defence.
A hungry man will tell you anything if you give him a cookie.
How is this animal cruelty !? Would geeks give the bears indigestion?
Think global, act loco
Was a nice little summary about why ActiveX sucks, but the post is more than a year old. Either the submitter just discovered the Internet, or this is troll feeding right on the front page.
This is "news for nerds"?
======
In X-Windows the client serves YOU!
NEWS FLASH
----------
Homes with "low security" can be broken into.
If your home has "low security" as a default option such as an unlocked window or a door that does not have adaquate protection, people can break into them and steal all of your nice stuff.
Movie at 11.
Why do overlook and oversee mean opposite things?
You don't need Active X to format a hard drive. An application called JennyTheSlutwhore.exe can do just as much damaged downloaded from a website or recieved in an e-mail. There's absolutly no difference. If a user is dumb enough to disable security then f em.
ActiveX has been this way from the beginning. ActiveX applets can be entire programs, just ones that run inside your browser or another container. The only limitations are the security settings of the containing program.
That being said, with a trusted ActiveX app you can do a lot with the OS. The problem is that most users are too trusting (or their browsers are, if the security settings are too low).
ActiveX shows Microsoft's commitment to the developer experience. Just think how hard it would be to write a webpage which makes firefox or any other browser format the user's harddrive.
Much more subtle, and IMHO more sinister attack is not to format the hard drive but to read from it. Nobody knows when read attacks occur, and it will take a while for word to get around. Also, read attacks are much more useful if you want to attack a certian person/group of people(IE you aren't a script kiddie in for the cheap thrill).
Which is more damaging, deleting the email of a person cheating on their spouse, or forwarding it to the spouse?
Monstar L
First, let me say that I don't like shoving COM objects into web pages either.
Now, looking through the article:
He uses 'activeX' to mean specifically the deployment of COM components to a browser, apparently in blissful ignorance of the actual meaning (ie synonymous with COM). He uses expressions 'the ActiveX API' as if ActiveX was a product rather than a standard.
He uses MFC by choice.
He uses MFC to write COM components, in 2005. The sheer "please stop doing that, and by the way you're fired" factor of this may not be obvious to non-COM developers, but believe me, it's high.
He does not pause to learn COM before using it / whining about it / writing articles about it. Not even little baby steps.
As an academic matter, he also doesn't learn/think about the situations for which activex components on the web may be suitable, such as when delivering complex functionality in a browser in a sealed, trusted environment. But really, this plain old crack in his common-sense pales into insignificance beside the deep, yawning crevasses in his technical knowledge. When information content is zero, higher-level errors don't really matter.
BUT... his article is anti-MS in some way.
So here it is on
Whee!
Whence? Hence. Whither? Thither.
I'm waiting for the "Damn, my oven gets hot" and "Dog bites considered harmful" articles.i
I forget what 8 was for.
It is not really true that "format c:" will destroy a modern Windows installation, even as admin. I have actually tried this on a laptop that screwed up after Service Pack 2, and you are not allowed to format without unmounting, and you can't unmount the system drive. Sorry to spoil an old threat/joke.
/F /S /Q *" does (it doesn't format, but it does remove all files). That's "del /F /S /Q *", slashdotters. Remember it. Change old jokes to include it, and run it if you see a Windows machine.
It probably worked in DOS or Win9X, and that started the myth.
Just to prove that I'm not trolling to make people try it out, there's an article about it here, which basically says that while format c: doesn't work, "del
# cat
Damn, my RAM is full of llamas.
This is GREAT news from a qualified source! A guy who is a programmer dabbles with a 10 year old technology for a few days, and this is news?? You gotta be kidding me.
/. articles are getting ridiculously bad, recently.
I happen to be an expert in PL/SQL development, and this weekend, I looked at COBOL, and guess what... it's hard!
I don't respond to AC's.
This is the guy that made Q3 the booring piece of trash that it was and then got canned from Verant.
Next we'll be seeing article on timely project management from GreenMarine.
Microsoft already made that page! It's the XP SP2 auto-update page.
I can make a doornob that basically electrocutes you, stick it on a door, and if your resistence is set low enough, you'll start electrocuting the minute you visit my House.
That'll teach you, you damn jehovah's witnesses!
It wants its story back.
I've been doing some ActiveX coding on the side for a couple days, stuff I'm not familiar with, and I'm just flat out _appalled_ at how bad that entire API and design is. I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page.
.NET Assembly can be included in a webpage just like an ActiveX control, but when it runs, the .NET CLR puts it into the Network Code trust level, which disallows most local operations like disk access.
Which is why Microsoft has been urging companies to move to managed code, and to turn off Unmanaged ActiveX completely.
The problem here isn't that ActiveX is inherently insecure, its that ActiveX was designed at a time where managed (read: sandboxed) code was unavailable on the Windows platform.
a
Bash ActiveX all you want, but in my mind Microsoft has done their due dilligence in fixing problems like the one mentioned above...
I am disrespectful to dirt! Can you see that I am serious?!
So the slashdot community likes to think of themselves as a whole as being more intelligent and above other communities.
This posts shows nothing further from the truth, i'm appalled that there arn't more (-1: Troll)s on this..
It's obvious this guy is no web security expert, nor does he claim to be. It's also obvious that his talent is more specialized and thus it should not be a surprise when he is unread on any given topic. And to top it off this was no news post as his edits say, he was mearly alerting his "friends" on the board in case they too were unread on the subject.
It's a surprise this "story" was even posted.
I'd be impressed if he wrote an ActiveX control which reformatted your PC's hard drive as an OS X HFS+ Volume.
September 2011: Looking for Cocoa/iOS work in Boston area Cocoa Programmer Quincy, MA
Apparently, Mr. Hook is unfamiliar with the infamous Internet Exploder.
Mail? Put "slashdot" in the subject to pass the spam filters.
This type of thing seems to be a design philosophy at Microsoft: design all systems to easily interoperate seamlessly. Sounds good at first, but becomes a problem when that means severely compromising security. Microsoft needs to realize that interoperablity and seamless integration are nice, but require in-depth thought on the security issues behind it, which they never seem to do.
I saw a Longhorn demo not long ago where the presenter was passing executables back and forth over email saying (to the effect) "no need for incompatible file formats, we can just send a small executable containing the data and viewer each file". We can all imagine the problems this entails. "Don't open executables" becomes bad advice; all attachments become unsafe.
Someone should make an ActiveX program (correct term?) that downloads and installs Firefox. Also, it could redirect any IE shortcuts to FF. Put it on a popular web site, and watch as Firefox' marketshare explodes! :-D
Sig Nature
The man said he was appalled. That's not a minor grievance.
You probably could make a little money off that. Bizarre but totally possible.
Sean D.
"Hmm. I am to metaphor cheese as metaphor cheese is to transitive verb crackers!"
Not to put too fine a point on it, IE defaults to _not_ running ActiveX controls without your permission. It clearly says that an ActiveX control can destroy your machine if it wants.
You seem to be missing the fact that ActiveX is designed to allow you complete access to a machine. Whilst a better access rights model should be in there, it does mean things like Windows Update work with little user intervention. There's certainly no lack of useful sites that use ActiveX - for example, Trend Micro Housecall. They need unrestricted access to do their job.
I know this is Slashdot and its our job to bash Microsoft, but please put the technology into context. ActiveX having unrestricted access became a problem because of Internet Explorer, not because the technology itself is fundamentally flawed.
As others have noted, this is rather obvious. It's native code. It's one of the things myself and other that attended the various ActiveX roll out sessions wondered. When questioned about it the presenters tried to sidestep the issue. It's very old news
/f on it, much less a format C:. Honestly formatting my hard drive is probably one of the lesser things I worry about. What's far more dangerous is something that lives on your system hidden from view that does more nafarious things that are harder to detect. It's the malicious code that you don't see that you should fear not the stuff that is obvious.
However you'll find it's rather hard to format your main hard drive since Windows keeps a tight grip on that. You can't even do a chkdsk
What's unfortunate is that no one else has come up with a decent alternative to ActiveX as far as easy of development. Until that happens it's going to be hard to erase ActiveX.
I know there's some use of Active-X within in-house applications, but as far as I can tell, Active-X for general web page use has declined substantially. Major banking sites don't require it any more. Bank of America is Active-X free, and they're the biggest US bank. Other banks need to take a hint there.
Missing step: redesign well taking into account security considerations
Netscape also missed that step. Of course, they also missed the easy-to-install step, which is the reason ActiveX controls are popular among end users.
Sure...this segment is called "stupid people", and wouldn't be a major loss to society anyway...in the context of the viruses the problem is that the actions of this segment screw everyone else, not just them.
b/c I went to his website and my hard drive was formatted.
You can make a .so file that formats the harddrive if the user installs it (if the user's security access is high enough). Let's ban them!
as for security, his site could stand to be brought up to date as its still running phpbb 2.0.6 at
http://bookofhook.com/phpBB/index.php
"I've been doing some ActiveX coding on the side for a couple days, stuff I'm not familiar with, and I'm just flat out _appalled_ at how bad that entire API and design is. I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page."
No kidding? Maybe that's one of the reasons smart people don't run IE, or any Microsoft product for that matter. Microsoft wouldn't know security if it bit them in the butt. Install, learn and use Linux if you want a better network experience... or if you don't want your private information and identity stolen. Windows is just horrible.
Did you all know there is virtually no difference between native Mozilla plugins and ActiveX controls EXCEPT for the interface to plug them in? They both run native code and they both have potential to destroy your system. Just because one adheres to a Netscape standard and another to a MS standard does not make it any more secure!!
The biggest problem with ActiveX on web pages is not that it was "poorly designed for the web", it's that it was NOT DESIGNED FOR THE WEB at all - ActiveX was originally a programmer's toolkit library called OLE (Object Linked Environment) which pre-dates the web by several years, and allowed programmers to use any MS program or system call as part of their own program. Want to embed MS Excel in your tax application and feed info to it? Use OLE! Sadly, nobody liked it, and MS blamed the sucky, complex and scary sounding name, so they re-named it to ActiveX (which sold much better, because everyone knows "X"s are cool.)
When MS realized the web wasn't a fad that would go away, they needed to compete in it, and they needed something they owned to fight against this Java-thing (which they didn't own, and therefore didn't like), and they decided they already had something they could stick into any of their programs really quickly - ActiveX! - which lets you embed and access any other MS program, tool, or function, including things like the format command, the power on/off register in your hard drive, and other programs such as MS Wallet to transfer money from the user's bank account. Security didn't even start to happen until after they tried suing people who pointed out problems into oblivion (it didn't work).
Forget formating, write an ActiveX program that replaces IE with firefox.
You could package it as a security upgrade with an EULA and all the other bells and whistles.
-- Should you believe authority without question?
Great apology, GeckoX. Would you mind telling us how using ATL would help and why those mechanisms have not been put back into MFC? The problem is seven years old because Microsoft did a bad job seven years ago and has not fixed it yet.
It's all too obvious that this article was posted because it fits the anti-MS slant quite well. ... this article brings absolutely NOTHING to the table except another excuse to bash MS and an OLD MS technology.
Once again, enlighten us, GeckoX. What nasty piece of crap does Microsoft have to replace this old nasty? Tell us the wonders of .NET single sign on or something.
The author has done a service to people contemplating this kind of work. The neophyte designer should know the general reputation of the players involved and that comes from looking at old stuff too, especially if it's currently used. People in the past have been suckered by M$'s huge PR budget, which includes astroturfing of discussion forums.
Gecko, the name rings a bell. Let's look at what we find in your posting history. Oh yes, lots of M$ apologizing and insult for Slashdot readers:
It's easy to find junk like this from GeckoX using a Google search, geckox slashdot. Thanks for playing.
Friends don't help friends install M$ junk.
ie, Brian's experience with "offshoring" via RentACoder for a piece of the ActiveX work this slashdot article refers to. The security rant is old news.
No, I did not read the f***ing article!
Don't forget about those safe for scripting controls. Those can be modified to do some nasty stuff too.
Also, setting a web page as a background on your desktop can delete your hard drive if the web page has malicious ActiveX controls.
Remember that DRM loophole in WMP, recently?
-- Microsoft is the most expensive commodity operating system and office suite vendor in the marketplace.
For those old enough to remember Windows95 and Windows3.1, activeX was called "ole" short for Object Linking and Embedding.
It was used in VB to drag and drop controls and parts of applications. Thats it.
For example you could slap together an app that uses Excel by using the ole (activeX) control from the program and putting it on the form.
Anyway its powerfull and security is not an issue since it was designed to be used in internal apps at compile time by VB and VC developers.
MS was panicked by netscape plugins wbecause ms didn't control it. What MS should have done was base ActiveX on ole, take out some features and add security oriented ones in return. Instead they gave out the ole controls with a dumb hackable trust based pop-up as a bandaid solution for the security.
http://saveie6.com/
MS added ActiveX to IE in around 1996 to compete with client side Java released a year earlier. They made great play of the fact that was un-secure as the time (OK - they didn't. What they actually did was to make great claim that you could do all sorts of helpful, useful things that Java's unnecessarily paranoid applet security model prevented you from doing which amounts to the same thing). Unfortunately this was quite successful for quite a while with a number of sites needing ActiveX to work (most Flash sites if you're using IE still do, of course). God help the web when MS releases whatever its "Flash Killer" ends up being (Son of ActiveX, I guess).
If you can create an ActiveX control to format your hard drive, why not one that automatically downloads and installs Firefox, then deletes Internet Explorer? Hell, get rid of Outlook too!
even though this is old news - this stuff needs to get to the common people who use this crap everyday. activex is a joke and should be outlawed. but billy and steve are laughing all the way to the bank and the uninformed let them get away with it. whoever writes a website for one browser whether its an internal or external site should fired on the spot. but that is just my opinion.
Yep, sounds like a great deal.
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
ActiveX has been like this for years, and years, and years... since the day it came out.
IF you are silly enough to set your security settings low enough to run foreign untrusted activeX controls, well, DUH.
You know what? You can do the SAME thing if you accept signed java applets when you shouldn't....
The default button (which I think is "Ok") will let the thing run.
The default button is and always has been "NO".
Except I went in the other direction. I'm an amateur programmer who's been doing a lot of stuff in ASP at work. Then I tried PHP, and I found it to be far more consistent, easier to use, and free of a lot of superfluous typing (echo() instead of response.write(), If{} instead of If, End If, etc. Don't even get me started on database access...) Yeah I know, it's not a big deal to a lot of you, but remember I have never done any C programming. PHP was just a breath of fresh air.
-R
Best comment in this entire discussion.
ActiveX is just another name attached to an already existing technology called COM. As subset of COM, ActiveX was designed to ease software development by allowing the developer to create a completely independent piece of software that can "attached" and controlled by another piece of software. These components usually take the form of DLL files. For example, instead of figuring out how to design a spell checker, a developer writing his own word processor can get hold of an existing spell checker ActiveX component and incorporate it into his program very easily. This saves tons of time and prevents reinvention of the wheel.
ActiveX is Windows. What most Windows users don't realize is that this technology is literally scattered throughout the system. Even in critical spots. The Windows Explorer uses it heavily. Internet Explorer, Excel, Word, and even our good friend Mozilla are all popular examples of ActiveX executable programs (Non-DLL versions).
Back in the mid-90s, Microsoft got somewhat over-zealous about the Internet and figured it would be a boon to allow someone's custom control to run inside of a web page. The control would be loaded by the browser itself. In a perfect world this actually would have stayed a great idea. Of course as we now know, this has proved to be dangerous. However, that doesn't mean we should dismiss ActiveX as a bad technology.
It's therefore my opinion that in today's hazardous world of viruses and spyware, people need to be more conscience of what they should and shouldn't be doing on their computers. In fact, most people (usually unnesessarily) get viruses or adware from not being careful enough to "READ" before they click OK. Or don't take the time to learn about their computer enough to secure it correctly. Perhaps it's the people and not the technology that needs the upgrade.
When ActiveX was first announced in the 90's people complained about it's lack of security model. ActiveX was MS's answer to Java applets. Problem was that Java was built from the ground up with security in mind. The security model runs applets in a constrained (sandbox) environment to eliminate the threat of malware. ActiveX initially had no security model. Early on, when complaints were voiced MS added code-signing putting the onus on users to distinguish between legitimate code and malware.
Over the years, the view of the critics have proved accurate. Java applets have had a few security problems - usually related to buffer overflows in the VM. ActiveX has been and continues to be a security disaster.
[Insert pithy quote here]
It's lose, darnit, lose lose LOSE !
Wait a minute, you actually meant to say "loose", didn't you?
Between using "lose/loose" correctly and not writing "This begs the questions:", I'm prompted to ask: what are you doing on Slashdot? We don't take decent grammar lightly around here, bucko.
Dewey, what part of this looks like authorities should be involved?
My wife isn't terribly computer savvy (at least, she wouldn't be if she weren't married to a CompSci person), but she's perfectly content with Mac OS X asking for her password before updating system software. It's an immediate red flag that something important is about to happen, and I think she'd be extremely hesitant to type it in response to clicking on a link to a web page.
Dewey, what part of this looks like authorities should be involved?
Remember? It was called "QuikProtect." - Crow T. Trollbot
For you idiots who can't seem to get this straight, let's see if I can make it clear for you:
ActiveX != Java Applets.
ActiveX == NSPlugin.
Microsoft did not come up with ActiveX as an alternative to Java applets. They took a technology that they already used and repurposed it to fit the needs for a plug-in architecture for Internet Explorer.
So what this clown in the article is whining about it is way off the mark and, for all intents and purposes, is FUD.
I can write a Netscape Plug-in that will do just as much damage as an Active-X plug-in. It doesn't really matter which "technology" I use.
All the boo-hoo about Java applets is completely wrong.
The only downside to ActiveX is that it can be installed and used without a browser restart, where Netscape plug-ins can't (although I believe this behavior might be different in Firefox/Mozilla - and, if so, well there ya go!).
Get your collective heads out of your collective asses and maybe something constructive can happen here. But that's not likely.
ActiveX, for those that don't know, is a "technology" that allows you to download a piece of natively executable software from any arbitrary location (e.g. embedded in a Web page) and let it run.
is a bad start since he already missed the whole ActiveX point in the first place. ActiveX are not meant to "download and run arbitrary code". This ability is just part of the ActiveX features. A bad feature maybe but it's not the core of ActiveX.If this seems insanely unsafe, that's because it is.
If you leave it as it is, yes.I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page.
I see many other confusions :- Confusion with OCX (the auld name of what was not exactly ActiveX at this time). Confusion probably comes from that names still remains in MSDEV. Going further back, we can call those components COM/DCOM. Problem remains.
- Confusion with what is being written/released/used: I too can write a nasty ActiveX. I can also write a nice Java Applet, or worse, a downloadable Java application using JNLP. Now who's going to want it? People who click on all popups in IE? Right...and what? People who trust me? The problem is the same with every other component or software you download. Run it or not. Trust it or not.
- The "updater" example with the HTML code is ridiculous. Of course you can change PARAMETERS in any kind of applet/activex embedding. If you application is dumb enough to let anything go, bad goes to you. And anyway, the code is still the same ActiveX. There is no issue aside from what the developer wanted to introduce.
Aside from a good slashdotter bashing against M$ again, what exactly is the point of this whole article? It's misleading, misinformed and half wrong.Spoken like someone who also must endure the idiocy of others with a professional air. Greetings, brother!
This space intentionally left (almost) blank.
The current security model, based on the concept of principal and permissions/ACL, forces the trade-off between being able to do powerful things and raising the security risk.
The capability-based security model (see http://erights.org for more details) is a way to break this paradigm and allow for power AND safety (and usability, from the existing prototypes). Still lots of open issues, but seems like a very interesting direction for safer computing.
umm .. er .. signed Java applet utilizing JNI can do the same .. whoop-the-f*cking-doo .. of course you can get screwed running random code from untrusted source, wheres the news ?
http://validator.w3.org/check?uri=http%3A%2F%2Fwww.slashdot.org Errors found while checking this document as HTML5!
And exactly what credibility does a random game programmer have when judging a piece of software meant for web programming?
http://www.imdb.com/name/nm0425005/
Isn't that *almost* the same as saying "if you are logged on as root?"
Of course bad things can happen to your system - any system - if you are an idiot.
I am very small, utmostly microscopic.
Come to think of it, theres nothing to stop a signed java applet running amok on your linux hard-drive either (if you disable the security or) accept the activex style security prompt.
You're reading Slashdot. Stuff we already know is news here.
This is possible with any binary executable content that you download from the web. ActiveX just makes it easy. Other relatively simple things that could be done are:
.exe that formats your hard drive. .msi that formats your hard drive. .rpm that formats your hard drive.
.NET objects.
- Write a Netscape Plugin that formats your hard drive.
- Write a
- Write a
- Write a
- Write a shellscript that formats your hard drive.
- Write a freeware version of DOOM that formats your hard drive when you lose.
etc.
In other words, he's missing the whole point here. ActiveX exists to run binary content as efficiently and seamlessly as possible. It's assumed that the end user is intelligent enough to not install binary content without verifying it's origin and making the active decision to trust that publisher (akin to signing your rpms). The problem comes in that people choose to trust software authors pretty liberally when that trust really should have a lot more skepticism attached.
In short, ActiveX is simply a "better" Netscape plugin. If you want some form of sandboxing then run Java, or
Fear: When you see B8 00 4C CD 21 and know what it means
It's not just the free market. A lot of progress takes place incrementally, between major inventions. That's true even in the sciences - in fact, if you study the philosophy of science, you'll find entire books have been written on the subject. Thomas Kuhn's "Structure of Scientific Revolutions", for example. Kuhn describes a model of science in which most normal science is incremental and cumulative, punctuated occasionally by paradigm shifts due to a major new discovery or insight. Something very similar applies to the process of invention and then applying and improving on inventions, whether in the free market or in other environments.
But how could you reformat a mounted drive in Linux?
Isn't that *almost* the same as saying "if you are logged on as root?"
No. You can get boned even if you're logged in as a normal user. And you have to set your security settings down to use the ActiveX components that many websites require... the whole model is nuts, it's trying to apply discrestionary access control to a realm where mandatory access control is required.
Anyone have the URL for the site that zaps your hard drive? This will help me clean my relatives' comps of spyware with a phone call.
Demo CDs are a different story, because they come with stuff already installed (I believe). This means you don't have to go through the hassle of installing apps, which is when you often have to escalate privelelges.
I've never used a demo Linux CD, so feel free to correct me if I'm wrong. But I don't think this properly guages how people will react to using the OS as their everyday environment. People like to download and install new apps, I've found, and they don't usually like having to enter a password every time. A lot of users even complain about having to enter a password upon boot-up!
-Dan
ActiveX is simply a "better" Netscape plugin.
You seem to have misspelled "horribly horribly worse" as "better" there. Hope that helps. Have a nice day.
http://www.rlkco.com : )
There's nothing to worry about. Microsoft put out a patch for this years ago.
Wait, do you mean that didn't fix it?
The point of my post is that a dumb user can grant inapproriate access to malicious code regardless if he types "su" and a password, or clicks on Tools | Internet Options | Security and slides his settings to "Meduim Low".
I am very small, utmostly microscopic.
He found some problems with the API and as a result he has some grievances against Microsoft.
Shop as usual. And avoid panic buying.
...to play in FireFox's sandbox, not to t0t411`/ 0wn3rz uR |-|4r|) |)15k or any other hardware you happen to have, which is the level of trust you're extending to ActiveX.
There's a slight difference.
Got time? Spend some of it coding or testing
ActiveX installs of linux anyone?
return -ENOTFUNNY;
...and in other "news" - smart guy restates the obvious
*captain redundant strikes again
In 1996, Fred McLain realized there were security problems with ActiveX, and wrote an demonstration ActiveX control called Exploder. Exploder will shut down Windows - not do permanent damage, but of course the point was if he could do that he could do anything.
He then went to Verisign and got a certificate and signed the control, to prove the point that code signing doesn't guarantee the control is safe. There was a blaze of publicity at the time, and Verisign threatened to sue him if he didn't take the control off his web page. In the end he took down the signed control. The unsigned one is still there for your edification and enjoyment.
The whole sorry story can be found here.
The original poster wrote: if it's security infrastructure is sufficiently loose. I say we ask Taco to unban him in light of this new evidence.
Vino, gyno, and techno -Bruce Sterling
The point of my post is that a dumb user can grant inapproriate access to malicious code regardless if he types "su" and a password, or clicks on Tools | Internet Options | Security and slides his settings to "Meduim Low".
I'm sorry, but that's not true.
I can type "su" and run as "root" all day and all night, go anywhere on the Internet I want, but unless I *also* say "install and run this untrusted applet", explicitly, there is no mechanism for me to get owned.
Lowering your security options opens you up to a whole new level of security problems beyond that... because now all of a sudden you're not just privileged, but you won't even be asked "could I please 0wn your box"... it'll just happen before you know there's a problem there.
And you don't even have to lower your settings, if the guy with the exploit can find a way to convince the HTML control that you've done it. Once upon a time it was as easy as guessing the path to your Internet temporary files... they've fixed that one, now, but so long as there's a "low security" zone or a "trusted" zone for them to sneak into, they'll figure out a way to do it.
Should Microsoft invented the concept of browser, HTML would be a closed source, expensive Office plug-in, targetted and sold exclusively for corporate clients.
But, since Microsoft had no concept of global networking, beyond closed corporate networks (their "target market"), since they had no concept of sharing information with the entire world, for no profit, just for the beauty of sharing ideas, since they had no concept of Open Source, to show the whole world how to do it, they of course, could not have possibly concieved the whole idea of the web browser.
It would have been "against basic ecomomy", it would have been "counter-productive in a capitalist society" - even to think about it.
Why don't we just add an activex control to say ./ which changes the security setting of ie? I mean I know 5 years back when I used to be able to code in vb (aka before OSX) I could delete a users file menu, so can't we do this.
That also begs the question of can we make a control that can lower (in anyway) the security settings? That would be a useful security flaw for any Al Qeada (its spelt wrong to fool the FB1) terrorists.
{Insert Signature Here}
yeah, but can you make it start installing linux?
Comeon, enough Windows bashing.
We all hate microsoft, whatever, get over it, move on.
I remember hearing about a certain type of product that ran a particular type of operating system that is used to make things work very reliably.
And the code was built for this product with all debug symbols resident in the image because it was easier to debug.
And so if you knew the way to hook into which ever port it was that was not secure and you knew the password then you could log on and do whatever you want, download the code, steal the whole product.
And I am sure that is why there are so many companies doing these exact same kinds of devices now.
So, it isn't just windows that leaves the barn door wide open. You just have to know where the barn is. . .
Umm, I've seen the Quake 2 source code (it's available under GPL). Both the Quake 2 server and client are FILLED with security holes. Basically, there's no security whatsoever -- there are so many buffer overruns that there isn't any point in even enumerating them. I seriously doubt Quake 3 patched ALL of them.
On the other hand, the problem he's talking about with ActiveX is known, up front -- it's a DESIGN flaw, everyone knows about it, because it was freakin' DESIGNED that way. That's why ActiveX controls are signed. Nobody who builds ActiveX controls has any illusions about the security model. It's a totally binary security model -- you either trust the code completely, or not at all.
I'm not saying ActiveX is a good design -- far from it. Java is a far better model for secure mobile code. But this guy is a total hypocrite -- the products he has worked on are security NIGHTMARES. Anyone who wants to verify this can download the Quake 2 source code. Quake 3 has a similar, though slightly less drastic, history on security holes.
In the days of IE3.2 you could have jscript write a webpage to the users local drive to do everything behind their backs - no warnings at all (local insecurity).
:)
The license to use a 3rd party OCX was inserted in the OCX as plain-text and there was probably something very simple to rewrite your own UUID (?) to reuse a 3rd party DLL (MS removed info from their site before I worked this one out).
Microsoft managed to park a van outside my house one time so I vowed never to touch their software again even if Win2K was looking good.
PS. Im just a computer enthusiast.
You can install with "runas", although I admit it doesn't work very well. But there are programs that offer to elevate your user priveleges when installing.
-Dan
Well sure I did that, but I was using my work computer.
Same way you reformat a drive on Windows :)
GUYS -- don't be such weenies! Don't you GET IT? ActiveX is SUPPOSED to give the developer the POWER to access the FULL capabilities of the hardware and software installed on the user's box! That's POWER -- That's what it was MEANT to DO! This is the one major advantage that MS has over the open-source, el-lameo browsers and HTML-Java-web-based-applications. They are so 'safe' you CAN NOT take advantage of what the user (or the company) spent so much to put on their bloody desk. Wanna go back to terminal days -- or what? How about a Firefox dumb-terminal? Talk about killing all the fun in programming... By USING ActiveX properly -- you can build applications can that literally make the computer sing and dance. I can build web-based applications that look, work and feel like desktop-based applications. They can communicate with the corporate back-end (whatever it happens to be), and not be limited to the RESTRICTIONS of non-MS browsers. Even using Visual Basic (I can hear the groans now, but live with it.) -- I can build an ActiveX control in less than 30 seconds that performs a very useful function, such as connecting to a database, firing queries, while at the same time firing off OS function calls, communicating with other network-based applications or services -- or WHATEVER. I can leverage my Visual Basic knowledge to develop true client-server applications that have some REAL POWER -- and the beauty of both ActiveX controls and Active Documents -- is that these can be ported between standalone/desktop applications to web-based applications WITHOUT pulling out one's fingernails to do it. What may surprise some of you is that this POWER has been available for more than 6 years already. Some of you sound like you've just come out of Freshman-U and only just heard about it??? OOOOOOOOOOH ActiveX DANGER Will Robinson!!! Ohhh The sky is falling! RUN AWAY from ActiveX! Be afraid! C'mon guys -- if you want to play in the sandbox, that's fine -- but don't knock the tools or technologies that let the big guys dig into the guts of the machine and have some REAL fun. :)
.NET's security model does this.
- This and all my posts are public domain. I am a Physicist. I am not your Physicist. This is not Physically advice
Hey, this is a great way to get back at the slashdot crowd.
1. Get Slashdotted.
2. Re-build server.
3. Add ActiveX control to format hard drives of unsuspecting visitors.
4. Re-post to slashdot
5. ???
6. Profit.
I suspect step 5 here is "Set up a data recovery company"
The .NET framework relies on ActiveX in the background. Try opening a connection to a SQL Server database using the SQL Server connection classes on a fresh Win2K box with the .NET runtime.
.NET framework DOES increase security from the point of view of a managed typed framework, it doesn't really get around the ActiveX issue. As the poster said - ActiveX is inherent in all of MS's past thinking, and it's not going away lightly. .NET isn't an answer, just as C++ isn't an answer. You can lock down a language, but if the underlying technologies are insecure then there'll always be a method of someone doing something bad.
Guess what it says.
"Please install MDAC 2.8".
While the
Actually, parent has a good point (if that is the case). I was not familiar enough with the signing technology to know that they specifically do not set the evil bit.
Joe Llywelyn Griffith Blakesley
[This post is in the public domain (copyright-free) unless otherwise stated]
This is so idiotic. It's like saying, "I can buy these burglar tools that if you leave your front door to your house unlocked, I can steal everything!". Well Duh! God forbit we should be allowed to have tools that can read and write files on the local machine. Perhaps we should outlaw them and allow only those bless by some all seeing government offical to have access to them.
The problem isn't with how powerful the tools are or can be, it's how weak and insecure the person's machine is at the other end. The real vulnerability here lies in the browser's (Internet Explorer) default settings. It should have never been placed on the market with it's default settings set to allow full access to someone else's machine. That was a complete fumble and screwup on MS's part. I don't want to see the tools blamed for a problem with the browser and the local machine's default security settings. Some of us need hose powerful tools to do our job on a corporate level on the corporate infrastructure. In the right hands, they are indispensible.
In typing your admin password?
So one cannot reformat a mounted (in use) partition in Windows. Sorry.
Grow up, kiddo. Polishing up innovations is just as important as coming up with them. How many people on /. have ever really come up with a truly original idea anyway?
I'd try to make up a list of 10 things, but I'm not sure what the poster has in mind. Perhaps someone familiar with what goes on at Microsoft, especially Microsoft Research, can come up with one.
My Sig fried. Don't leave your Sig in the sun too long.