----------
From: Rich Graves <llurch@networking.stanford.edu> To: cypherpunks@toad.com Subject: Re: Fun with M$ Date: Friday, August 09, 1996 8:46 PM
On Fri, 9 Aug 1996, Jeremey Barrett wrote:
Information page with a link to a page which loads the control:
http://www.halcyon.com/mclain/ActiveX/
Quote from the page:
Exploder is an Active X control which demonstrates security problems with Microsoft's Internet Explorer. Exploder performs a clean shutdown of Win95 and will turn off the power on machines that have a power conservation BIOS (green machines).
I don't see how anyone can call this a bug. Microsoft has chosen what Sun should have: leave the security to the user, don't take it away from everyone. Java has been sverly crippled by the removal of features that would have made applets truly usefull, like local disk access. By leaving these abilities and allowing the user to choose whether or not to run the object, leaves the trusted objects to be truly usefull. Microsoft has even designed a system of trust verification for these objects throught the trust chain and the MS download service. For details on the MS download service look at the july 96 issue of Microsoft Systems Journal. Security should be a user/parent decision not a general ban to protect a few.
I don't see how anyone can call this a bug. Microsoft has chosen what Sun should have: leave the security to the user, don't take it away from
Good, leave it to Joe Sixpack who can bareley figure out how to move files around without deleting half of the system directory . . .
everyone. Java has been sverly crippled by the removal of features that would have made applets truly usefull, like local disk access. By leaving
Java has local disk access. Java _APPLETS_ are not allowed to access local disk (among other things) if the class is loaded from a network source. A class which is loaded from local disk has no such restrictions.
these abilities and allowing the user to choose whether or not to run the object, leaves the trusted objects to be truly usefull. Microsoft has even designed a system of trust verification for these objects throught the trust chain and the MS download service. For details on the MS download service look at the july 96 issue of Microsoft Systems Journal. Security should be a user/parent decision not a general ban to protect a few.
You are just a free to grab the Java class files for an applet and store them on your local disk as you are a CaptiveX component and let them have full run of your system. --- Fletch __`'/| fletch@ain.bls.com "Lisa, in this house we obey the \ o.O' ______ 404 713-0414(w) Laws of Thermodynamics!" H. Simpson =(___)= -| Ack. | 404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43 U ------
participants (2)
-
Dan Siemon -
Mike Fletcher