> Banning ActiveX at the firewall is hardly taking away the MS
> desktops. It's still viable inside the firewall as long as you're
> talking about a relatively trusted environment. If you aren't talking
> about a relatively trusted environment inside you probably shouldn't
> be running an MS desktop anyway.
Oh, definitely. Russ's comment about it not being the whole OLE environment
but rather the web-enabled part of it being the poroblem is right on. The
terminology war, however, is lost... the phrase "ActiveX" is going to be
forever associated with applets, because that's the obvious technology
difference between OLE and ActiveX.
> Not all that inconcievable. There are perfectly viable
> alternatives to an MS desktop for anyone who feels like using
> them.
Unfortunately, no. Not if you want to be able to effectively do business
in America today. Microsoft's file formats are everywhere, and they work very
hard at making sure that nothing but their products can use them effectively.
> Microsoft's desktop will always be completely unable to
> provide any useful security for the exact same reasons as we've seen
> for years and years with Sendmail.
It's worse than sendmail. Eric Allman isn't trying to make Sendmail do
everything (there's no http and nntp in there, for example), and Eric
*is* concerned about security. It's not at the top of the list, but at
least it's *on* the list.
References:
|
|
