Netscape 8 to Emphasize Security

wikinerd writes "Netscape is building Netscape 8 which will include several anti-phishing enhancements and will emphasize security. Netscape obtains blacklists of scam and spam sites which will be denied access to ActiveX and cookies. RSS capabilities will also be included in Netscape 8, which will be released on 17 February."

ActiveX

[rdc_uk]

Try just not putting it in at all...

Re:ActiveX

[sremick]

The other sad fact is that by compensating for the sites that use ActiveX, you stop giving them any incentive to stop using it.

They win, we (including you) lose.

The whole idea is to pressure sites to clean up their code, make it standard, and stop using ActiveX. You do that by increasing the marketshare of browsers that DON'T accept bad/nonstandard code and DON'T use ActiveX.

If you allow sites to be crap, they'll happily do so. It's the whole "give them an inch..." thing.

Someone once referred to this as a big game of chicken. Netscape loses by blinking and putting in ActiveX. This removes a lot of the pressure sites have to wake up and stop making their pages IE-only.

It's very unfortunate for all of us.

ActiveX on Netscape

[gambit3]

When did THAT happen?

I thought that was one of the reasons to use Netscape/Mozilla/Firefox.... cuz they DIDN'T support ActiveX... ??

Two words: Name Recognition

[RLiegh]

until fairly recently, most PHBs have never heard of 'firefox' or 'mozilla'. Even now, those who have do not have a clue that all three are related.

The do know the name 'netscape', however; and it's a safe, corporate-friendly name (unlike mozilla or firefox).

Blacklists don't work

[Jack+Taylor]

The decision to use blacklists with ActiveX is an unfortunate one. In an environment as fluid as the internet scam industry, there will be vastly more new sites set up than human-controlled blacklisting can stop, especially if web servers are set up on botnets of unsuspecting home XP users. Let's just hope the default rendering engine will be Gecko.

Having said that, there are a few javascript phishing techniques that work perfectly well in Firefox with Gecko...

Blacklisting ActiveX - Backwards!

[DevolvingSpud]

It seems to me that it would be much, much more secure to allow the user to whitelist sites they wanted to use ActiveX on. For example, Windows Update, and my stupid online paystub page.

I only have a handful of pages that I *need* ActiveX on, and the rest can go pound sand.

Solves the problems of Netscape having to maintain the lists, too.

Re:ActiveX to load a Direct3D game

[sremick]

How do you make a Direct3D game load from a web site without loading through an ActiveX control?

You don't. You use something that's actually cross-platform and isn't Windows-specific. Not all internet users run Windows (I sure don't). It's the internet, not the Wintelnet.

What about client-side apps that access the file system, such as an ActiveX virus scanner?

They shouldn't. That's not the place for such things. Convenient? Sure. Worth the price? Hell no. There are far better ways to scan for viruses than to give websites full access to every file on your computer.

An analogy would be saying that unless you leave your doors unlocked at all times, how is the cable guy going to fix your TV? Or the telephone guy fix the static on your lines? Or the furnace guy fix the boiler? Sure, we get robbed ever week... but we've GOT to leave our house unlocked for these other things.

And some of us run operating systems that don't get viruses anyhow.