>>>>> "Russ" == Russ <Russ.Cooper@RC.on.ca> writes:
[you guys knew I was going to jump in here before too long, didn't ya?]
Russ> If you were trying to market a support application for your
Russ> Win95-based application, you probably couldn't give a rat's ass
Russ> that the Mac or Solaris users might not use it. Further, if you
Russ> can find a way to securely implement some incredible
Russ> functionality using ActiveX why not use it?
Ask anyone who has ever had to migrate their data from one platform to
another. All the folks who had to move things from the mainframes to
minis, or anything like that. Having data and applications locked up
in proprietary formats is an incredibly stupid idea -- except to the
vendor selling the proprietary crap and the myriad of consultants that
get paid for supporting it.
I'll refrain from getting religious about the issue (for once! :-) and
not go off on any even-less-relevant tangents...
Relevance of this post to security?
Security is the business of RISK MANAGEMENT. Now, there are more
risks to an organization than someone breaking down the firewall,
rummaging around through the internal networks looking for things, and
then going about their merry way. Natural disasters, hardware and
software failure, incompetence, and the like all pose risks to an
organization trying to go about its business.
Building an infrastructure that is completely proprietary guarantees
obsolescence. As soon as The Next Big Thing comes along, it's
entirely possible that a proprietary system simply won't be able to
make the change.
Since the days of ARPANET, we have seen the rise and fall of operating
systems, applications, network protocols, and entire computing
paradigms.
Where is SNA now? Still making proprietary systems in data
processing shops talk to each other. Nobody is using it for
everything, company-wide.
Where is the IBM System/36? Dead. If your data was there, you had
to move it to the AS/400, or do a much more painful move to some
non-EBCDIC machine. Tell me there were no pains in making your
System/36 applications work on the AS/400. And now they've got
AS/400s doing ... yeah, IP.
Where is Netware? Novell is now trying to get folks to use NDS as
the glue that holds -- you guessed it -- IP networks together.
Where is Microsoft? After bringing the entire company to a
screeching halt when it was clear that the Microsoft Network couldn't
overtake many statewide ISPs -- much less the whole Internet, they
repackaged themselves as an "Internet aware" company. And we see the
(security) implications of putting their stuff on untrusted networks.
We have bug-of-the-week, before it's even a very attractive target for
attackers. Sendmail has had its share of problems, but at least
sendmail is _useful_. Microsoft is trying to play the standards game
to take out their more proprietary competitors and actually have a
prayer against companies like Netscape. The only way to keep people
locked into their platform on an open network is to keep the
proprietary hooks of CaptiveX and the Win32 API alive.
So Microsoft is having their day in the Sun, but evening is rapidly
approaching. How well are those ActiveX applications going to work
with those nice, shiny new NCs that start to appear on the desks of
secretaries, and most other office-types?
Is this a risk you want to expose your organization to? It seems to
me that the most prudent path would be to follow a course of platform
independence. It is this feature, after all, that made the Internet
possible, and why IP beat everything.
People who are unable (or refuse) to understand this are doomed to be
steamrolled.
Adam> We had independence from proprietary standards.
Russ> Geez, you make it sound like it was bliss.
You know what? It was nirvana.
Russ> After all, it was
Russ> Microsoft that invented HTML-based SMTP, wasn't it? or was it?
Why would anyone want to markup a protocol?
Adam> The real reason to not use ActiveX is because you probably don't
Adam> need to
Russ> Wow, this is astute. Since when did need have to be the only
Russ> reason?
Uh... you're willing to admit, then, that [how much] stuff being
pushed on IS types is unnecessary baggage?
Adam> Also, there are all sorts of security problems with Microsoft's
Adam> implementations.
Russ> Um, with the browser, right? After all, ActiveX at the server is
Russ> nothing more than a data file, isn't it, which was, after all,
Russ> the poster question.
A centralized repository of ActiveX objects for an organization would
imply that objects served from it will be able to go just about anywhere,
and that users will trust things that come from there. That's an
amazingly fat target for an attacker, who might very well be a
disgruntled employee.
Adam> Many firewalls filter ActiveX, just like you do(?).
Russ> Really? I didn't think we had gotten to the stage of "many" yet
Russ> Adam.
I'm going to agree with Adam. You might be surprised just how many
organizations filter ActiveX, Windoze links, and all sorts of other
things.
I also am quite sure that Adam has done firewalls work for more
organizations than either of us, and is certainly in a position to
know.
--
Matt Curtin Chief Scientist Megasoft Online cmcurtin@research.megasoft.com
http://www.research.megasoft.com/people/cmcurtin/ I speak only for myself
Pull AGIS.NET's plug! Crack DES NOW! http://www.frii.com/~rcv/deschall.htm