lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20031008113326.GA11596@doxdesk.com>
From: and-bugtraq at doxdesk.com (Andrew Clover)
Subject: IE Changes / Software Patents

Mark <marklist@...cast.net> wrote:

> I wonder how many users will know that they can close the window, 
> opting not to display the activeX, instead of hitting OK

Actually this is not the case (in the interim update anyway -
presumably the final IE6SP1b will be similar). Closing the window
does the same as clicking 'OK'. Blocking ActiveX must still be done
using the normal security settings.

(The only way to stop the plugin once one has reached the pointless
dialogue is to kill the iexplore.exe process.)

> It's pretty bad design to give the user a choice with only one 
> option....

I think this is deliberate. Faced with having to add a pointless
legal contrivance, MS have made it as obviously stupid as possible.
Perhaps this will encourage web authors to update.

-- 
Andrew Clover
mailto:and@...desk.com
http://www.doxdesk.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ