On 3 Dec 2006 at 18:19, Robert Citkowitz wrote:
> >I believe I got this problem after allowing an activex control from a
> >web site
>
> Are there any guidelines for knowing when to allow or block ActiveX,
> when in an unfamiliar (but safe-seeming) site?
Briefly, no.
ActiveX is a system which allows a web site to download code into your
machine and run it from your browser; that code can do anything that a
program running on your machine "as you" could do. Microsoft has tried to
add security onto this system, including "marking as safe" and "signing" of
code, but every such add-on has needed some way for the user to override it
for specific exceptions, and malware authors have eventually found ways to
either fool users into making exceptions for their "products", or making one
infestation masquerade as the user to let in others.
Currently, you have the option to disable it, at the cost of becoming
unable to use sites that require it.
If you live in a large city, you probably have a good idea that bad things
are more likely to happen to you in some parts of the city than in others;
even if you don't, if you watch TV and movies they've probably given you
some cues to watch for to get some general idea what parts of a city are
more dangerous than others.
While the same is generally true of the web, there's no way to be certain
on any given day that someone hasn't contaminated your favourite website --
or hijacked your browser -- to deliver malware to your PC while you're
viewing the web. Such contaminations are likely to be found and fixed
quicker in the case of popular sites with a dedicated (and competent) staff,
but the difference between "safe-seeming" and "safe" is like the Mark Twain
quote "The difference between the right word and the almost right word is
the difference between lightening and the lightening bug."
David Gillett
PCSOFT maintains many useful files for download
visit our download web page at:
http://freepctech.com/downloads.shtml
|
