Windows Firewall any good?

To a home user yes, I would. Many of the home users I come across won't pay for one, in some cases because they're just not interested in knowing why they might need one. So it's much easier for me if I install a free one, sometimes without even telling them it's there.

Jason

I don't have time to mess with Linux even though I have Linux on my network. At this time, all my stuff is in storage along with my other house hold belongings while I am on the road contracting.

I think it's very important for a machine that has a direct connection to the Internet, such as my laptop that has XP pro on a dial-up.

I would suspect so.

All my stuff sits behind a Watchguard FW appliance that's easy to use and configure when I am at home.

I went with the WG because I just don't have the time to be learning something as complicated as Linux, and I was using a Linksys prior to the WG. I just don't have the time or energy to deal with Linux due to me being a programmer and I must always be up to speed technology wise with programming. .NET is taking all my time as I purchase new books on how to use C# and VB.NET with the Framework to it's fullest to make that $$$$.

While on the road with the laptop, it's protected by BlackIce and IPsec to supplement BlackIce, if I have to stop outbound and use Active Ports to view inbound and outbound traffic to from the machine. Some services I have shutdown and some I leave up due to .NET.

I have not had in problems with this configuration to date, but I am always looking.

Duane :)

Yes and no.

The point with ActiveX being insecure comes from four major threats:

1. Many preinstalled trusted controls are insecure.
2. Many trusted third-party controls are insecure, but people trust them.
3. Digital signatures won't tell you that installing an older, insecure control is a bad idea.
4. People don't understand what they're doing when trusting any controls.

The "no" comes from another point: Cross-Domain Security in IE doesn't work, by design, as pointed out at . Without the server enforcing the reference protection (means: you need a trusted environment), you can easily XSS all the way. For Microsoft, the internet seems to be trusted, or they're just inside their illusions of overtaking it. Because it's not, it's outside of IE's security domain.

Oh, yes.

From one single treat: ActiveX is COM - they're both using IUnknown.

Yes. But what does this have to do with ActiveX being secure?

Yours, VB.

What about Authenticode?

It's a proof that MSIE was never intended to be used as a web-browser on the Internet. One doesn't need to pull very common, but not unavoidable problems with ActiveX for that.

What should be?

I don't think so. You're forgetting, that people can be stupid.

Yours, VB.

ActiveX is unsuited for running untrusted controls, but that was never denied. And trusting controls is just a matter of decision, backup up by digital signatures authentication systems; you've got the very same thing in Java, except for a more detailed granularity.

Implementing a security policy on protecting single references (neither double references nor real objects) whereas no object sandboxing is involved is such fundamentally b0rken that I don't assume even the guys at Microsoft were that stupid. I guess they're just being driven by their fantasies of being able to take over the web, in conjunction with release time pressure.

No.

There is no such thing like "scripting safe COM elements" in Java. There is no possibility to use local components which have nothing to do with the plugin concept for Java like you can use COM components with ActiveX.

"Two things are infinite..."

Yours, VB.

It's called Netscape LiveConnect, in conjunction with the AppletContext Java class.

May I remind you that you cannot use every preinstalled COM control with IE? Hey, Microsoft even fixed the ISecurity interface enumeration process. And what exactly is the problem with loading a COM control without being able to pass any parameters due to not-implemented interfaces, besides stability issues?

The first one isn't decided yet, in fact both Superstring/M-theory and Heim's theory predict a pretty large yet closed universe.

COM is the component technology of the Windows operating system. Which operating system bases all its functionality on Java?

For this operating system, LiveConnect would be the same as ActiveX/COM.

LiveConnect on a non Java-based operating system does not compare to ActiveX, because it exposes the VM only, not the OS.

Oh yes, usually you can. Since then it's showed again and again:

Great. I'm really impressed.

Have a look on some COM controls, and you will see. Or just read the text behind the URL above.

;-)

Yours, VB.

JavaOS ;-)

That's an implementation error, not a design error. It got fixed without breaking anything.

The most recent one who had any miserable side effects by plain loading was TlntSvr.EnumTelnetClientsSvr on Windows 2000 Server SP2.