Re: LYNX-DEV warning: applets flying about

[Alan Cox]

> of threat.  By using its default security level
> (High) that comes pre-set, Internet Explorer 3.0
> will not download and run any "unsigned" control
> such as the one from the CCC.

Tricking people into signing applets is know to be
trivial. Everyone got a copy of Microsoft exploder
the activeX applet that shuts down your windows box ?

> Microsoft takes the threat of malicious code very
> seriously.  It is a problem that affects everyone

As someone who has to try and dig fixes out of MS
sites where they put them undocumented and unannounced
for their NT customers I can't believe I just heard that


I'm not however 100% convinced Lynx is totally secure. It
only takes on abusable subtle buffer overrun for someone
to get unwelcome code running in a browser. Javascript and
friends don't make things safer that is for sure, but the
lack of them doesn't make it impossible.

Alan

;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;