Slashdot Mirror
South Korea Begins To Deprecate ActiveX
jones_supa writes The reliance on proprietary technologies to deliver web services varies from country to country. South Korea's ActiveX problem has been in the news before. Yonhap brings us a short report that the government plans to finally start cleaning up this troublesome technology from public websites later this month, as Korea gears up to create a more friendly Internet environment. The country's online financial websites and shopping malls often use ActiveX to have their payments and identification programs securely downloaded to users' personal computers.
You;re thinking of North Korea.
The main difference that makes HTML5/JS/CSS "open" in this case is that any person or company can use the technology free of charge in any capacity without fear of a copyright claim or demands for payment. With ActiveX, only the end users who write scripts may use it free of charge. If you want to implement it in a browser or some other capacity, you have to sign a licence agreement with Microsoft or get sued. That's what "open" means in this case though I fully understand and agree with the FOSS community that this is not what "open" should mean but, I'll take it over the alternatives we have at the moment.
"Be particularly skeptical when presented with evidence confirming what you already believe." -
"ActiveX is a software framework created by Microsoft that adapts its earlier Component Object Model (COM) and Object Linking and Embedding (OLE) technologies for content downloaded from a network, particularly in the context of the World Wide Web. It was introduced in 1996 and is commonly used in its Windows operating system. In principle it is not dependent on Microsoft Windows, but in practice, most ActiveX controls require either Microsoft Windows or a Windows emulator. Most also require the client to be running on Intel x86 hardware, because they contain compiled code." HTML5 is a standards based format, so is CSS. JavaScript has been standardized in the ECMAScript language specification.
South Korea is a very advanced and prosperous country, with income levels broadly similar to the European average. They most certainly have computers.
I worked with ActiveX technology close to 15 years ago. It was a much simpler era, where there was little need to worry about platforms other than Windows+IE, and where most of us hadn't really caught on yet to how ruthless the hackers were going to become. And frankly there wasn't a whole lot of alternative for pushing real app functionality from the web in those days. Some people were using Java, which certainly wasn't any more secure, and eventually Flash began to gain traction. So it's not completely hard to understand how we got where we are.
China
In case anyone is wondering what ActiveX is, it's essentially a Windows program you download that runs natively on your computer. It gets to draw to the specified element in the browser, which makes it look like it's part of a webpage. There isn't (or wasn't) any kind of sandboxing or security once the ActiveX component was installed - it could do anything it wanted on your computer like any other Windows program, because that's essentially what it was. The only security was whether or not you installed the ActiveX component in the first place. If I remember correctly they are really just DLLs, and used Component Object Model for the standard in which the DLL exposes methods, etc.
Better known as 318230.
Anyone can read the HTML5, CSS and Javascript specs, and implement them. Only Microsoft can read the ActiveX spec and implement it.
If you want to implement it in a browser or some other capacity, you have to sign a licence agreement with Microsoft or get sued.
That's an outright lie.
I don't see how that's the case.
Maybe you are trying to start some kind of pedantic discussion, but I don't really understand your argument. The reality is:
ActiveX: Works on MS Windows running IE.
HTML5/JS/CSS: Works on Android, IOS, MacOS, Linux, Solaris, the BSDs, Chrome, Windows, Windows Phone, etc.
You can play with definitions all you like, but you are not locking yourself into a single vendor like you do with ActiveX.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
In the 80's, before China opened up, everything was 'made in korea'. Korea's huge industrial success was what lead, in part, to China's economical thaw.
I've written many ActiveX controls, some for use in a browser, some not.
At no point was I required to sign or agree to a license to do so.
You can make ActiveX controls with any compiler that supports WIndows and will create DLLs with C++ calling conventions that match the MS style ... So pretty much all Of them.
ActiveX is no different than XPCOM ... Which is at the very core of Firefox, it's just a convention for generic, self describing plugins and is fully publicly documented.
The only insightful thing about your post is that slashdot has fallen to the point that this sort of ignorance is so commonplace that you got modded to +5
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
I've written many ActiveX controls, some for use in a browser, some not.
At no point was I required to sign or agree to a license to do so.
With requiring a license he was talking about creating the ActiveX runtime environment for a web browser.
Two decades ago would be about when Hyundai cars were introduced to Europe. That is pretty significant, we don't hear of cars from Vietnam or even China (I believe China has a huge car industry, but it's not sold globally and we can't even cite one constructor from China whereas I know S.K. has Samsung, Kia, Hundyai and SsangYong. I forgot Daewoo cars)
A decade ago : South Korea known for being where most RAM is made, and then a ton of flash memory as well. We can't have our PC compatibles and shit without South Korea, in the same way we can't do without Taiwan for the motherboards or Thailand for the hard drives.
There is a huge difference between being locked into a single vendor and being "locked in" to every major platform of the day.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
They tried it for a while - N. Korea had a special zone just across the border where South Korean companies could send in managerial staff daily, but it turns out that such a scheme is not sustainable in the political climate that exists between the two Koreas. I don't think many South Korean companies are interested any more in having a factory that they can be closed down on a whim every time the supreme leader has a tantrum.
I've written many ActiveX controls, some for use in a browser, some not.
At no point was I required to sign or agree to a license to do so.
With requiring a license he was talking about creating the ActiveX runtime environment for a web browser.
No license is required for that either. All ActiveX is, at heart, is a hierarchy of C++ style interfaces (classes with nothing but pure virtual functions) rooted in a single interface (IUnknown), together with a handful of global C functions (e.g. CoCreateInstance). It can be supported on any platform as long as the C++ compiler implements virtual functions with a pointer to a vtable at the beginning of any object with virtual functions. That's every major compiler on every major platform. Actually you can do COM "manually" in plain old C too, so you can do COM anywhere with a C compiler. Put pointer to an array of pointers to functions (the vtable) at the beginning of a struct, if the functions have the proper signatures then the struct is a COM object.
I know this because I've also written many ActiveX and COM components, and ported COM/OLE/ActiveX code to Linux and OS/X. Generally the problem with implementing ActiveX on other platforms has nothing to do with ActiveX itself. The problem is that virtually all ActiveX components are written for Windows and make Win32 calls.
That's only true if you want to run controls that were written for windows. If COM and OLE were supported on other platforms, then presumably people would write COM/OLE components for those platforms, and those would run fine on their platforms.
Back in the 90s, there were some other systems that supported COM/OLE (IBM and Sun Microsystems for example.)
CORBA is practically the same thing, and is available everywhere. The problem with CORBA is that is a typical design-by-committee mess. It ended up way too complicated, even compared to COM/OLE.
The problem that COM and CORBA both solved (or at least tried to solve) still exists, with no commonly accepted solution. The "standard" binary interface between components on every single platform is the C function. That's the only code that can be called directly from (almost) every language without creating "bindings". Not even C++ code from different compilers can be mixed in the same program, because C++ doesn't define the binary interface.
Something like COM or CORBA is still needed. If we had it, and it was universally available, you could expose more than just C functions at the binary level (without bindings or without recompiling everything).
Because of all the years of bad press, nobody is going to believe it, but COM was and is a good idea, and it's completely unencumbered by patents or licensing issues. Being able to combine components written in different languages (or even just different C++ compilers) is a good thing, and is too complicated without something like COM.
If they had stuck with Xenix we may not have ended bottom lip deep in a malware swamp
Could you explain how that might not have happened? Xenix (which became SCO OpenServer) was just Microsoft's port of AT&T UNIX to PCs. UNIX is just as vulnerable to malware as Windows: if you trick the user into elevating to install something, something will be installed.