[GTALUG] Firefox is a pig
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Mon Nov 17 21:51:28 UTC 2014
On Mon, Nov 17, 2014 at 04:46:48PM -0500, Walter Dnes wrote:
> I understand the differences "under the hood", but conceptually, at an
> abstract level, it's the same. A diesel-engined car has a different
> powersource than a gasoline-engined car or an electric car. But in the
> end, they accomplish the same task, i.e. moving a few people and some
> groceries around. And they're all capable of getting into accidents.
>
> Same thing with Java and Active-X, they involve downloading code from
> a webpage and executing it on your machine. And they're all capable of
> security breaches. Yes, they're different "under the hood", but the
> results are often the same.
Not quite. Active-X downloads and executes native code on your machine.
Java downloads byte code and executes it in a virtual machine (which is
not the same as running directly on your machine). Unfrotuantely the java
virtual machine has to provide methods to make things actually happen
and those have often had problems too, although generally nowhere near
as bad as what active-x allows by design.
--
Len Sorensen
More information about the talk
mailing list