Slashdot Mirror

← Back to Stories (view on slashdot.org)

Brian Hook on the ActiveX Experience

Posted by Hemos on from the poorly-made-and-maintained dept.

Obiwan Kenobi writes "Brian Hook of id software fame got around to developing on ActiveX and found some minor grievances, particularly in the security department. To quote: "I've been doing some ActiveX coding on the side for a couple days, stuff I'm not familiar with, and I'm just flat out _appalled_ at how bad that entire API and design is. I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page.""

10 of 523 comments (clear)

  1. Do it by savagedome · · Score: 5, Funny

    I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page

    Please. DO IT NOW. Thanks.

    --


    Free XBox, PS2
  2. So... by Aztek · · Score: 5, Funny

    what rock has he been under all these years?

    --
    AZTEK
  3. Easy Formatting by kdark1701 · · Score: 5, Funny

    Well, that would eliminate the problem of people not knowing how to format their hard drive

  4. More Ammo by TSR+Wedge · · Score: 5, Interesting

    That is, more ammo to use when telling people to get off of MSIE. The prospect of having a webpage completely wipe their hard drives clean is something that should scare even the most lackidaisical of users.

    --
    What if the hokey-pokey really is what it's all about?
  5. Hey, I bet he could make money by Anonymous Coward · · Score: 5, Funny

    Setup www.formatmyharddrive.com. Online hard drive formatting, done in minutes, only $5.

  6. Vapor design by Spy+der+Mann · · Score: 5, Insightful

    I think this could be considered as a proof of how ActiveX was vapor-designed by Microsoft to compete with original Netscape's plugins.

    1. Examine more or less how competition works
    2. Quick! Make a prototype and flat-out obvious bugs
    (Missing step: redesign well taking into account security considerations)
    3. Overhype
    4. Profit!

    So now we're stuck with an obsolete plugin model, which Microsoft neglects to fix because this would break backwards compatibility.

    THE END.

  7. Re:Gee, that's news... by Gordonjcp · · Score: 5, Interesting

    If you set your entire filesystem to 777 then loads of stuff will just throw up its metaphorical hands and refuse to run. Try it on a throwaway box some time (actually, User Mode Linux is good for experimenting with Practical Unix Terrorism, but that's a whole other topic).

  8. Re:You know... by The+Cisco+Kid · · Score: 5, Funny

    If you are using IE, I'd be scared to follow any link if I were you.

  9. Re:Gee, that's news... by sepluv · · Score: 5, Insightful

    And what may I ask makes a signed active-X control any less dangerous than an unsigned one?

    --
    Joe Llywelyn Griffith Blakesley
    [This post is in the public domain (copyright-free) unless otherwise stated]
  10. Re:Nothing new. by brunogirin · · Score: 5, Insightful
    I think you're missing the context here. First, this is a personal entry on a site that is read by very few users, it wasn't meant to be "news". Second, Brian, who had never done anything with ActiveX, decides to try the technology "on the side". He has heard all the horror stories about ActiveX but actually *using* the technology makes him realise that all the horror is real and, slightly amazed by his discovery, posts on that site. He is just expressing his dismay at the fact that all the horror stories about ActiveX are not myth but reality. Everyone of us does this: experiment to see for oneself and then share one's experiment with others. The findings might be old news for some but are not without interest.

    In practice, I find this article very interesting for what it is: the findings of someone who is a recognised programmer into a field he has no knowledge about; and that prove that all the ghastly rumours about ActiveX are true, not hype. Now whether it should be on /. is another question.