Archive of UserLand's first discussion group, started October 5, 1998.
Re: Fighting Back for the Mac™
Author: Phil Wolff Posted: 1/13/2000; 8:59:05 AM Topic: Now it makes more sense Msg #: 14427 (In response to 14426) Prev/Next: 14426 / 14428
An ounce of prevention...Any opportunities for mischief in this? JavaScript has been crippled a bit (inability to write to the hard disk, for example) to prevent many of the security risks present in ActiveX. Does adding "XML-RPC" support to a human-supporting browser open a door for unauthorized access to the file system or to data held in the browser's object model?
Memories of a 1997 JavaOne keynote by Scott McNealy. Miko demoed a web-downloaded ActiveX control called Internet Exploder developed by Fred McLean to show security holes. The control shut the computer down. Upon reboot, it formatted a floppy drive, found a user's install of Quicken, wrote a check. the transcript. I'm sure Microsoft closed most of those doors since; does this open a new one or can we rely upon the rest of the browser to protect the user?
There are responses to this message:
- Re: Fighting Back for the Mac™, Dave Winer, 1/13/2000; 9:01:44 AM
This page was archived on 6/13/2001; 4:54:05 PM.
© Copyright 1998-2001 UserLand Software, Inc.