• Register
  • Help
Results 1 to 10 of 10

Topic: ActiveX

Share/Bookmark
  1. #1
    Senior Member rwayland's Avatar
    Join Date
    Jun 2004
    Location
    California Redwoods
    Posts
    2,938

    ActiveX

    If I disable ActiveX, how will this effect GPO (or Sonar)?

    Richard

  2. #2

    Re: ActiveX

    I don't think it should affect it in the least. Active X is a web-interface component for IE. Lots of security issues with it.

    Perhaps you're thinking of Direct X?

  3. #3

    Re: ActiveX

    Sorry, I can't help you with this problem but everytime I see a post from you, Richard, I see this signature line:

    NLHAN TYHVE UKTDZ LMTEI FFZLI HCXMO LMBMC GDCCX
    Is it a coded message?

    Just wondering...
    [Music is the Rhythm, Harmony and Breath of Life]
    "Music is music, and a note's a note" - Louis 'Satchmo' Armstrong

    Rich

  4. #4
    Senior Member rwayland's Avatar
    Join Date
    Jun 2004
    Location
    California Redwoods
    Posts
    2,938

    Re: ActiveX

    Reeqs: ActiveX is the issue. I just received 2 cert advisory messages today. I rarely use IE, but I will probably disable it.

    There is also an issue with DirectX, but I have not thought much about it.

    Richard: Yes, it is an encrypted short comment. I wondered if anyone would notice, and decrypt it. I have tried to crack it without using my knowledge of how it was encrypted. It seems that it is close to impossible because the message is too short to provide a decent sample to analyze. I have tried with two computer programs, and can't make a dent. Not only is the cipher short, but the key is short, and standard frequency analysis can not be successfully applied. Perhaps someone with more experience and more advanced software can break it, but I can't, even if I specify the length of the key! Maybe I have stumbled upon something interesting, but probably useless when public key encryption is considered. This cipher system is usually susceptible to cracking by the old fashioned way, pencil and paper.

    Richard

    addendum: I just checked an noticed I had already disabled Active X, probably a long time ago! I would probably disable Direct X if I knew how, and was sure of the effects on GPO, Sonar, Sibelius.

    Richard
    Last edited by rwayland; 07-07-2009 at 12:23 AM. Reason: add

  5. #5

    Re: ActiveX

    Richard, I have tried several methods to crack your code over several weeks. None have succeeded. I tried various substitutions (I found a cool excel spreadsheet that makes this easier!), Atbash, the Caesar Shift, and ones I used when much much younger. Nothing seems to work. How did you create this thing? Maybe the context would help.

    EDIT: "Length of the key..." hmmm, a clue!
    In theory there is no difference between theory and practice, but in practice there is.

    http://reberclark.blogspot.com http://reberclark.bandcamp.com http://www.youtube.com/reberclark

  6. #6
    Senior Member rwayland's Avatar
    Join Date
    Jun 2004
    Location
    California Redwoods
    Posts
    2,938

    Re: ActiveX

    Quote Originally Posted by reberclark View Post
    Richard, I have tried several methods to crack your code over several weeks. None have succeeded. I tried various substitutions (I found a cool excel spreadsheet that makes this easier!), Atbash, the Caesar Shift, and ones I used when much much younger. Nothing seems to work. How did you create this thing? Maybe the context would help.

    EDIT: "Length of the key..." hmmm, a clue!
    Well, it is neither a Caesar nor Atbash. It is not simple substitution, which generally is not too difficult even without a key. I have lately begun working cryptograms on line, , and never have I attempted to derive a key, and I solve most of them, the longer ones usually being easier. I have returned to crypto for relaxation and to keep my thinker thinking. Even if I told you the system I used, this one seems immune to cracking -- partly fortuitous, partly my cleverness is selecting the text to encrypt.

    I would be interested in what spreadsheet setup you are using, as just this morning I was considering setting one up even though I have software that will do most (maybe all) of the drudgery. If the cipher is of sufficient length, it can derive the key and decrypt! But that is not much fun, unless I know how to do it with pencil & paper!

    The software is free, downloadable, and seems quite good, good credentials. If you are interested, I will send you details.

    Richard

  7. #7

    Re: ActiveX

    while decoding your signature is oodles more interesting, allow me to return to the original topic, just to clear things up a bit.

    ActiveX is a client side scripting language - that is, it is code that runs on your local computer. As a rule, this is a REALLY BAD practice. You can not trust that someone has not put malicious code into the download, so anytime you run an ActiveX script you are gambling.

    There are other client side scripting languages, and frankly, they are all a bad idea, but sadly they are all an idea that isn't going away any time soon. That's enough ranting<G>

    DirectX is a system of programs that provide your multimedia experience, consider them a layer of code that sits between an application and the audio and video hardware (and game controllers, MIDI interfaces, etc).

    I suppose it is possible to infect a computer by infecting a DirectX component, but it seems to me that it would be more effort than it was worth.

    Removing or disabling DirectX would almost certainly cause you many more problems than it would solve! First of all, you'd probably have no display, since I am unaware of a modern display driver that doesn't use DirectX. You'd probably also lose all audio and MIDI, although there are ways to bypass some layers of DirectX for audio interfaces.

    If you are having issues with DirectX there is a diagnostic tool that can isolate the bad components (usually end up being something provided by a hardware manufacturer in a driver update). It's probably already installed on your computer - check the control panel. If it is not visible, or not installed, you can download it from MS.

    Which leads me back to my previous rant...

    What is the one thing you can not do without ActiveX? Windows Update of course!

    Is there irony there?

    Not trying to start a religious war here, but my recommendation to anyone that asks is to use Firefox, Google Chrome, Safari, or Opera as your primary browser. None of them will run ActiveX components. Keep Internet Explorer installed to talk to MS web pages. In the advanced configuration section set all options for client side scripting to "prompt". This will give you a more-than-fighting chance to avoid malware.
    Bill Thompson
    Audio Enterprise
    KB3KJF

  8. #8
    Senior Member rwayland's Avatar
    Join Date
    Jun 2004
    Location
    California Redwoods
    Posts
    2,938

    Re: ActiveX

    Quote Originally Posted by wst3ae View Post
    . . .
    If you are having issues with DirectX there is a diagnostic tool that can isolate the bad components (usually end up being something provided by a hardware manufacturer in a driver update). It's probably already installed on your computer - check the control panel. If it is not visible, or not installed, you can download it from MS.. . .




    Not trying to start a religious war here, but my recommendation to anyone that asks is to use Firefox, Google Chrome, Safari, or Opera as your primary browser. None of them will run ActiveX components. Keep Internet Explorer installed to talk to MS web pages. In the advanced configuration section set all options for client side scripting to "prompt". This will give you a more-than-fighting chance to avoid malware.

    Well, that was a very good explanation. Thank you I am not experiencing problems with either, just trying to prevent them. I have received cert alerts on both.

    I use Firefox almost exclusively, with Norton, and have experienced no security problems.

    Richard

  9. #9

    Re: ActiveX

    I did a quick search and could find no CERT warnings about DirectX vulnerabilities... can you please provide links or send me info via PM? I am not extremely curious<G>!

    Thanks,

    Bill
    Bill Thompson
    Audio Enterprise
    KB3KJF

  10. #10
    Senior Member rwayland's Avatar
    Join Date
    Jun 2004
    Location
    California Redwoods
    Posts
    2,938

    Re: ActiveX

    Quote Originally Posted by wst3ae View Post
    I did a quick search and could find no CERT warnings about DirectX vulnerabilities... can you please provide links or send me info via PM? I am not extremely curious<G>!

    Thanks,

    Bill
    Well, I kept the cert advisory where it would stare at me daily, but the work around was complicated, and I finally decided to dump it and be cautious. There was a work around, that Carnegie-Mellen offered because they said the MS solution was flawed. But now I can not find anything on it. You might find something in the MS knowledge base, possibly as old as three months.

    Richard

Go Back to forum

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •