Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] Cowon Chooses GNU/Linux for Mobile Computer; Corruption of Web Standards (ActiveX) Stands in Way

  • Subject: [News] Cowon Chooses GNU/Linux for Mobile Computer; Corruption of Web Standards (ActiveX) Stands in Way
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Mon, 05 Oct 2009 17:07:58 +0100
  • Followup-to: comp.os.linux.advocacy
  • Newsgroups: comp.os.linux.advocacy
  • User-agent: KNode/4.3.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cowon to expand product categories

,----[ Quote ]
| I assume Cowon may release its first MID with a Linux OS 
| rather than Windows XP. Cowon has one of the best Linux 
| developers and they have worked with several Cowon PMP 
| products in the past, so they would find it easier to deal in 
| the Linux environment and differentiate themselves from other 
| MIDs in the Korean market which are based on Windows XP.
| 
| Also, Linux OS can reduce retail cost. However, it's been 
| their experience that the Linux OS does not really attract 
| customers even though there is WiFi on the Cowon Q5W. Korea's 
| Internet access is limited by ActiveX which has been a 
| stumbling block for the Linux OS for portable Internet devices 
| including laptops.
`----

http://asia.cnet.com/blogs/digihunter/post.htm?id=63014075&scid=rvhm_ms

âAt Microsoft I learned the truth about ActiveX and COM and I got very
interested in it inmediately [sic].â

                                        --Miguel de Icaza


Recent:

Microsoft ATL/MFC ActiveX Type Confusion Vulnerability

,----[ Quote ]
| Remote exploitation of a type confusion vulnerability in Microsoft Corp.'s
| ATL/MFC ActiveX code as included in various vendors' ActiveX controls, could
| allow an attacker to execute arbitrary code within Internet Explorer (IE).
| Microsoft's Component Object Model (COM) was designed to allow
| interoperability between disjointed software components. It is a standardized
| interface solution to the programming dilemmas involved in object oriented
| programming, distributed transactions, and inter-language communications.
| Microsoft's Active Template Library (ATL) is a set of C++ templates that
| simplify developing COM objects.
`----

http://www.securiteam.com/windowsntfocus/5TP0X0AS0S.html


ActiveX Regulations in South Korea (revisited)

,----[ Quote ]
| ActiveX control is widely used by Internet Explorer to load applications or
| components in Windows. Itâs a useful piece of control, but is not without
| issues. In fact, ActiveX is known for security problems.
|
| Despite security short-comings, ActiveX had been welcomed into the community
| and flourished. Surprisingly, more so in banks where security is a top
| priority. Believe it or not, ActiveX is so widely used that the South Korean
| government decides to make it compulsory for all banks to have it.
|
| Other major browsers have resisted supporting ActiveX. Until now. Google
| Chrome has now decided to support ActiveX, but only in South Korea.
`----

http://www.mobinode.com/2009/01/16/activex-regulations-in-south-korea-revisited/


ActiveX bugs pose threat to Vista, Microsoft reports

,----[ Quote ]
| Although computers running Windows Vista are significantly less likely to be
| infected with attack code than machines running Windows XP, the newer
| operating system continues to be threatened by Microsoft Corp.'s own ActiveX
| browser plug-in technology, according to a report issued Monday by the
| company.
`----

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9118879


Microsoft probing ActiveX attacks targeting Access feature

,----[ Quote ]
| The vulnerability only affects the ActiveX control for the Snapshot Viewer
| for Microsoft Office Access 2000, 2002 and 2003.
`----

http://news.cnet.com/8301-10784_3-9984823-7.html?part=rss&subj=news&tag=2547-1_3-0-20


Report: ActiveX, QuickTime are buggiest browser plug-ins

,----[ Quote ]
| Microsoft's technology, primarily used to create add-ins for Internet
| Explorer, accounted for 79 per cent of the 239 plug-in bugs discovered
| between July and December 2007, Symantec said.  
`----

http://www.linuxworld.com.au/index.php?id=1680415280&rid=-50


New Attack Kit Targets Bag of ActiveX Bugs

,----[ Quote ]
| Bugs in ActiveX, a Microsoft technology used most often to create add-ons for
| the company's Internet Explorer (IE) browser, have always been common, but so
| many serious flaws have been disclosed of late that some security experts
| have recommended users do without them.  
`----

http://www.pcworld.com/article/id,144214-pg,1/article.html


Be prepared: ActiveX attacks will persist

,----[ Quote ]
| A recent string of high-profile ActiveX vulnerabilities caused the U.S.
| Computer Emergency Readiness Team (US-CERT) to advise users to disable the
| ubiquitous Microsoft browser plug-in technology altogether.  
`----

http://www.infoworld.com/article/08/02/19/08NF-activex-horror_1.html


Will Microsoft Change How ActiveX Runs in IE 8?

,----[ Quote ]
| Some security experts, like Will Dormann, a vulnerability analyst at the
| Carnegie Mellon Software Engineering Institute CERT/CC, are calling for
| ActiveX to be disabled from running by default in IE 8.  
|
| Dormann is telling IE users that they should, from a security perspective,
| disable ActiveX controls from running by default. "It would be nice if this
| is something Microsoft did with the next version of the browser," he said.  
`----

http://www.eweek.com/c/a/Security/Will-Microsoft-Change-How-ActiveX-Runs-in-IE-8/


Related:

Rogue ActiveX controls menace users

,----[ Quote ]
|  Flaws in ActiveX controls are being increasingly used to run security
|  exploits.
|
| [...]
|
| An attack exploiting this vulnerability can lead to arbitrary code execution
| by a remote attacker," a blog posting by Symantec researcher Parveen
| Vashishtha warns.  
`----

http://www.theregister.co.uk/2007/10/24/activex_vulns/


RealPlayer Attack Circulating

,----[ Quote ]
| The attack exploits a flaw in an ActiveX browser helper object, software that
| RealPlayer employs to help users who are experiencing technical difficulties,
| so the PC must be using the Internet Explorer browser to be affected by this
| particular attack, Symantec said.  
`----

http://news.yahoo.com/s/pcworld/20071020/tc_pcworld/138706


Yahoo! battered by second ActiveX vulnerability

,----[ Quote ]
| The vulnerabilities affect versions of Yahoo! Messenger 8.x prior to version
| 8.1.0.419, released late last week. Users are urged to upgrade.
`----

http://www.theregister.co.uk/2007/09/03/yahoo_activex_vuln/


Way Too ActiveX

,----[ Quote ]
| Today, over at Symantec's Security Response Weblog, Greg Ahmad
| reveals startling--and I do mean shocking--increases in ActiveX
| vulnerabilities. According to Symantec, ActiveX vulnerabilities
| stayed in the 12- to- 15-a-year range from 2002 to 2005. For
| 2006, the number of vulnerabilities "reached 50," with 42 in
| the second half of the year--coincidentally, the same time
| period Microsoft finished up and released Internet Explorer 7.
`----

http://www.microsoft-watch.com/content/security/way_too_activex.html?kc=MWRSS02129TX1K0000535
http://tinyurl.com/33cfno


Acer puts Active X hole on laptops

,----[ Quote ]
| Laptop outfit Acer seems to have placed an Active X control on its
| computers that seems to allow webpages to execute any program.
|
| This huge hole in network security has been installed on board Acer
| lap-tops since 1998.
`----

http://www.theinquirer.net/default.aspx?article=36773


Adobe Confirms 'Critical' Reader, Acrobat Exploits With IE

,----[ Quote ]
| A critical security vulnerability in an ActiveX control used by
| Internet Explorer could allow malicious hackers to use Adobe's
| Reader and Acrobat software to launch PC hijack attacks,
| according to a warning from Adobe Systems.
`----

http://www.pcmag.com/article2/0,1895,2066079,00.asp


Month of ActiveX bugs project begins with two Office flaws

,----[ Quote ]
| A hacker known as shinnai kicked off his "Month of ActiveX Bugs"
| (MoAxB) project with a bang by exposing a number of severe
| vulnerabilities affecting OCX controls in Microsoft Office.
`----

http://scmagazine.com/us/news/article/654659/month-activex-bugs-project-begins-two-office-flaws/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkrKGd4ACgkQU4xAY3RXLo71QwCfYVUkHAQy5KIub6iD/zHAsC4U
cdcAnianNWL+KqVkfYypUpzHtra0txN5
=seEq
-----END PGP SIGNATURE-----

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index