[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [DotGNU]MS Exchange and .NET
From: |
Peter Waldschmidt |
Subject: |
RE: [DotGNU]MS Exchange and .NET |
Date: |
Tue, 2 Oct 2001 07:40:50 -0400 |
<snip>
bit of code wants to send an email... As far as I can tell, .NET is
ActiveX. Big problem with ActiveX is that it is opaque - you don't know
what it is capable of.
But we have a Secure Execution Environment! i hear you call :) how do we
stop worms from communicating within the laws of the secure execution
environment?
</snip>
There is a huge difference between ActiveX and .NET! .NET uses
verifiable bytecode similar to Java, so the execution engine can prove
that there are no security violations (according to the rules set by the
security configuration). ActiveX is raw i386 code, which cannot be
verified easily.
By the way, when is the last time you heard of a virus written in Java?