[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <009801c38d92$9dc486f0$4802a8c0@Security>
From: joel at helgeson.com (Joel R. Helgeson)
Subject: IE Changes / Software Patents
Does anyone care to wager how many security vulnerabilities Microsoft will
create by making this change?
Joel R. Helgeson
Director of Networking & Security Services
SymetriQ Corporation
"Give a man fire, and he'll be warm for a day; set a man on fire, and he'll
be warm for the rest of his life."
----- Original Message -----
From: "Rainer Gerhards" <rgerhards@...adiscon.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Tuesday, October 07, 2003 2:36 PM
Subject: [Full-Disclosure] IE Changes / Software Patents
> I just found a very interesting effect of software patents:
>
> http://www.microsoft.com/presspass/press/2003/oct03/10-06EOLASPR.asp
>
> As was posted on this list not so far ago, Microsoft lost a case against
> Eolas on some aspects of ActiveX embedding in IE. Their technical
> reaction is a good sample of what software patents cause:
>
> http://msdn.microsoft.com/ieupdate/activexchanges.asp
>
> In short
>
> - a lot of web pages are broken (even PDF should not work in all cases)
> - the user will become educated to press OK on popups even more often
> - wild workarounds are created (base64 encode the parameter instead
> passing it clear-text) to avoid patented code
>
> That last point is not written directly in the msdn document, but I read
> between the lines this will be the preferred workaround.
>
> Isn't that nicely?
>
> Rainer
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists