[ale] spyware and IE

Fulton Green ale at FultonGreen.com
Mon May 24 13:54:05 EDT 2004


On Mon, May 24, 2004 at 01:40:29PM -0400, James P. Kinney III wrote:
> Is any other browser besides IE that is susceptible to the current
> onslaught of spyware? I have been using this as a reason to migrate
> people away from IE. So far, none of my Mozilla/Firefox users have been
> hit with anything (yet). I'm reasonably sure that the underlying
> technology is sufficiently different that the spyware would need to be
> written for the new browsers. But I'm not sure.
> 
> Are these new, evil things (spyware, etc) exploiting browser technology
> or just poor security models in IE?

Is Mozilla able to install ActiveX controls under Windows, or is Moz
still insistent on the Netscape-style plugin architecture?  Most of the
spyware I've seen is dependent upon a user hitting "OK" to the standard
permission-to-install-ActiveX-control dialog.  It's the same process that
lets a user install Sun's JRE and Macromedia's Flash stuff.

But if the spyware is riding on a non-browser platform (e.g., Kazaa or
RealPlayer), then that's an entirely different set of issues.



More information about the Ale mailing list