 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
MS Access Forum / ActiveX Controls / April 2004Is Active-X really so bad?
In my house we like to download to Yahoo LAUNCH music video clips. http://launch.yahoo.com/. I use IE because Firefox and Opera do not work on sites like this. Following some warnings about Active-X I went to IE > Tools > Internet Options > Security > Custom level > and set the following: (1) Download signed Active-X controls - PROMPT (2) Download unsigned Active-X controls - PROMPT (3) Initialize and script Active-X controls not safe - PROMPT (4) Run Active-X controls and plug-ins - PROMPT (5) Script Active-X contols marked safe for scripting - PROMPT The result now is that Yahoo LAUNCH (and other web sites) are almost unusable because some message pops up asking if I approve of this or that to do with Active-X. I would *never* accept a program via Active-X whether it is marked as safe or not. So do I really need to switch off all these Active-X options in order not be be exposed to some danger? --- As a bit of background, I found this: http://www.cs.princeton.edu/sip/java-vs-activex.html "The main danger in ActiveX is that you will make the wrong decision about whether to accept a program." Is that the main danger? That's all? I can live with that! But is that site incorrect in what it suggests? Another site says: "some security experts say ActiveX does not deserve its bad reputation". http://www.newsfactor.com/story.xhtml?story_id=20390 So mayb eit is all overstated by some people? Can you folks here please advise me on how to proceed. Should I set (4) about to ACCEPT? Or instead should I use the "trusted sites" feature in IE? Or both? Or something else? Thanks! Add the site(s) to your IE Trusted Sites - does that help? > In my house we like to download to Yahoo LAUNCH music video clips. > http://launch.yahoo.com/. I use IE because Firefox and Opera do [quoted text clipped - 38 lines] > > Thanks! Have you added Yahoo to your TRUSTED zone? Beware of unknown sites if you turn on ActiveX but you can have some Trusted sites to avoid having to ok scripts and ActiveX.  Signature************************************************ g-w > In my house we like to download to Yahoo LAUNCH music video clips. > http://launch.yahoo.com/. I use IE because Firefox and Opera do [quoted text clipped - 38 lines] > > Thanks! > In my house we like to download to Yahoo LAUNCH music video clips. > http://launch.yahoo.com/. I use IE because Firefox and Opera do [quoted text clipped - 38 lines] > > Thanks! Short answer is that if you only go to reputable sites you aren't likely to have a problem. I have browsed with ActiveX on for years using MS Internet Explorer and haven't had trouble. However, I stay away from seedy sites, cracker sites etc. Unfortunately it only takes one rogue site and you'll have a problem. I regularly run Adaware6, Spybot and a anti-virus program. The only thing I regularly find are some dull tracking cookies. Billh Install Spyware Blaster from here http://www.javacoolsoftware.com/spywareblaster.html and use the Immunize feature that comes with Spybot and that will keep tracking cookies and also from any site from hijacking your browser. > Short answer is that if you only go to reputable sites you > aren't likely to have a problem. I have browsed with ActiveX [quoted text clipped - 4 lines] > anti-virus program. The only thing I regularly find are some > dull tracking cookies. Billh But what exactly is it that might happen to their PC if they go to a rogue site? > > Short answer is that if you only go to reputable sites you > > aren't likely to have a problem. I have browsed with ActiveX [quoted text clipped - 7 lines] > But what exactly is it that might happen to their PC if they go to > a rogue site? A PC that is not properly patched, even without active-x controls, will run the risk of being compromised by back-doors, droppers, etc... If you visit new sites with Internet Security set to "Highest" you stand a much better chance of NOT being compromised. I've seen sites open shell apps that can actually run code at the users privileges level on their system, you should always run as a User level account on a Windows box when not performing administration functions. Signature-- spamfree999@rrohio.com (Remove 999 to reply to me) > But what exactly is it that > might happen to their PC if they go to a rogue site? An ActiveX control is a bit like a Java applet, but it is a real (executable) program. That means that it runs with the exact privileges of whatever user is logged-in, but without the protection offered by the Java sand-box (which is pretty good, even if not perfect). I leave the rest to your imagination. SignatureMailman >> But what exactly is it that might happen to their PC if they >> go to a rogue site? [quoted text clipped - 6 lines] > > I leave the rest to your imagination. Can such a program run automatically or does the user have to click something to allow it to run? Runs automatically if that's how you've setup IE. YOu can ask IE to ask your permsision to run ActiveX programs when it detects them, but it doesn't explain to you what it will do or anything. Hope this is useful to you. Let us know. rms >>>But what exactly is it that might happen to their PC if they >>>go to a rogue site? [quoted text clipped - 9 lines] > Can such a program run automatically or does the user have to click > something to allow it to run? |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.