Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Paul Vet (paul.vetbaldhead.com)
Date: Mon Jun 03 2002 - 09:33:34 CDT
Could you give those of us unfamiliar the specifics of .net a description of
the new security model? In what way is it better?
Is it possible to differentiate between .net Active-X controls, and
"standard" ones? Why would malicious coders bother the use the .net
controls if they will be more restricted when they can just write them in
the old model with 100% system access?
From: Elan Hasson [mailto:elandaryl.org]
Sent: Monday, June 03, 2002 10:13 AM
To: David Garnier; webmasterTHEMCLONES.COM
Subject: RE: Autoexec Prober
.net has a way better security model.
From: David Garnier [mailto:david.garnieririsa.fr]
Sent: Monday, June 03, 2002 3:30 AM
Subject: Re: Autoexec Prober
The security model of Active-X controls goes like that:
"If you allow a digitally signed Active-X control to run, it can do
whatever it wants to do. It is safe because you trust the signer of the
So ok, you demonstrated that Microsoft's view of mobile code security is
flawed, especially compared to the sandbox model of Java.