ActivexTechnology is one of several key MicrosoftImprovements that is backfiring on MicrosoftCorporation in this AgeOfMalware.
What is ActiveX
A ComComponent that is "Internet enabled", slimmed down from the OLE to support "content push". It was a huge success in the battle to wrestle market share from NetscapeNavigator's plugin architecture.
As a competitor to JavaLanguage, it may have checked the growing demand for Java because ActivexTechnology can be delivered through much cheaper mechanisms such as VbClassic and ActiveXscripting. As the market share of MicrosoftWindows grew, it made business sense for developers to think first of ActivexTechnology, further aided by its ability to deliver superior "user experience". The price was platform independence.
- It has "built-in" licensing mechanism to allow developers of ActivexTechnology to benefit from developing ActiveX products.
see
And from the vendor archives, see
- http://msdn.microsoft.com/archive/default.asp?url=/archive/en-us/dnaractivex/html/msdn_faq.asp ( BrokenLink )
the article stated the intent to have Activex adopted as international standard.
History of ActiveX
News about ActivexTechnology
Dec04 discovered flaw helps phishing (a type of SocialEngineering) scams even for WindowsXp SP2 machines at
ActivexSecurity
What ActiveX offers, in the form AuthentiCode (DigitalSignature for components), is not so much security as accountability. AuthentiCode is designed to make it hard to spoof a component's credentials. This permits you to decide whether to download and run a component based on whether you trust the component's creators. Once you've said "yes", an ActiveX component has no restrictions on what it can do.
Resources
- JavaBeans vs ActivexTechnology
- This article is from 1997. Just how pertinent is it now at the end of 2004?
Now a liability
see
MS article above was selling the benefits of autodownload, transparent installation at the time of publication.