The myth of java applet being more secure than ActiveX component

Many IT organizations do not allow ActiveX controls (signed or unsigned) to be downloaded and installed on corporate PCs. Many security experts have written at length about the security hole a malicious ActiveX control can create. These same people, don't say much about security hole a signed Java applet can create.

About Me

My Photo
Name:Manoj K. Srivastava
Location:Ellicott City, Maryland, United States

View my complete profile

Tuesday, June 21, 2005

A conspiracy of the Microsoft haters?

Lets face it whenever it comes to deploying any technology produced by Microsoft, there are always two camps: one which loves it for its simplicity and ease of use and the other which hates it just because it came from the "evil empire".

The case of ActiveX vs. Java Applet is even more polarized since it also involves a technology produced by Sun Microsystems, by far the most visible Microsoft adversary.

I hope after reading this blog, you examine the security issues related to ActiveX and Java applets in a technology neutral manner as both can be written in a secure or malicious way.

posted by Manoj K. Srivastava | 4:18 PM