McAfee AVDCDE-BA-CA User Guide - Page 13
Java, ActiveX, and scripted objects
View all McAfee AVDCDE-BA-CA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 13 highlights
Preface Convergences in the technologies that have resulted from this feverish pace of invention have given website designers tools they can use to collect and display information in ways never previously available. Websites soon sprang up that could send and receive e-mail, formulate and execute queries to databases using advanced search engines, send and receive live audio and video, and distribute data and multimedia resources to a worldwide audience. Much of the technology that made these features possible consisted of small, easily downloaded programs that interact with your browser software and, sometimes, with other software on your hard disk. This same avenue served as an entry point into your computer system for other-less benign- programs to use for their own purposes. Java, ActiveX, and scripted objects These programs, whether beneficial or harmful, come in a variety of forms. Some are special-purpose miniature applications, or "applets," written in Java, a programming language first developed by Sun Microsystems. Others are developed using ActiveX, a Microsoft technology that programmers can use for similar purposes. Both Java and ActiveX make extensive use of prewritten software modules, or "objects," that programmers can write themselves or take from existing sources and fashion into the plug-ins, applets, device drivers and other software needed to power the web. Java objects are called "classes," while ActiveX objects are called "controls." The principle difference between them lies in how they run on the host system. Java applets run in a Java "virtual machine" designed to interpret Java programming and translate it into action on the host machine, while ActiveX controls run as native Windows software that links and passes data among other Windows programs. The overwhelming majority of these objects are useful, even necessary, parts of any interactive website. But despite the best efforts of Sun and Microsoft engineers to design security measures into them, determined programmers can use Java and ActiveX tools to plant harmful objects on websites, where they can lurk until visitors unwittingly allow them access to vulnerable computer systems. Unlike viruses, harmful Java and ActiveX objects usually don't seek to replicate themselves. The web provides them with plenty of opportunities to spread to target computer systems, while their small size and innocuous nature makes it easy for them to evade detection. In fact, unless you tell your web browser specifically to block them, Java and ActiveX objects download to your system automatically whenever you visit a website that hosts them. User's Guide xiii