Slashdot Mirror

← Back to Stories (view on slashdot.org)

Brian Hook on the ActiveX Experience

Posted by Hemos on from the poorly-made-and-maintained dept.

Obiwan Kenobi writes "Brian Hook of id software fame got around to developing on ActiveX and found some minor grievances, particularly in the security department. To quote: "I've been doing some ActiveX coding on the side for a couple days, stuff I'm not familiar with, and I'm just flat out _appalled_ at how bad that entire API and design is. I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page.""

2 of 523 comments (clear)

  1. Re:Gee, that's news... by realdpk · · Score: 4, Informative

    A signed control can come from anywhere, too. A lot of spyware is signed.

  2. Ever heard of OS X? by Just+Some+Guy · · Score: 4, Informative
    The average user simply isn't willing to have an "administrator" account that they have to use every time they want to install an app.

    My wife isn't terribly computer savvy (at least, she wouldn't be if she weren't married to a CompSci person), but she's perfectly content with Mac OS X asking for her password before updating system software. It's an immediate red flag that something important is about to happen, and I think she'd be extremely hesitant to type it in response to clicking on a link to a web page.

    --
    Dewey, what part of this looks like authorities should be involved?