[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] IE Changes / Software Patents
- To: <full-disclosure@lists.netsys.com>
- Subject: Re: [Full-Disclosure] IE Changes / Software Patents
- From: "Joel R. Helgeson" <joel@helgeson.com>
- Date: Wed, 8 Oct 2003 06:52:13 -0500
Does anyone care to wager how many security vulnerabilities Microsoft will
create by making this change?
Joel R. Helgeson
Director of Networking & Security Services
SymetriQ Corporation
"Give a man fire, and he'll be warm for a day; set a man on fire, and he'll
be warm for the rest of his life."
----- Original Message -----
From: "Rainer Gerhards" <rgerhards@hq.adiscon.com>
To: <full-disclosure@lists.netsys.com>
Sent: Tuesday, October 07, 2003 2:36 PM
Subject: [Full-Disclosure] IE Changes / Software Patents
> I just found a very interesting effect of software patents:
>
> http://www.microsoft.com/presspass/press/2003/oct03/10-06EOLASPR.asp
>
> As was posted on this list not so far ago, Microsoft lost a case against
> Eolas on some aspects of ActiveX embedding in IE. Their technical
> reaction is a good sample of what software patents cause:
>
> http://msdn.microsoft.com/ieupdate/activexchanges.asp
>
> In short
>
> - a lot of web pages are broken (even PDF should not work in all cases)
> - the user will become educated to press OK on popups even more often
> - wild workarounds are created (base64 encode the parameter instead
> passing it clear-text) to avoid patented code
>
> That last point is not written directly in the msdn document, but I read
> between the lines this will be the preferred workaround.
>
> Isn't that nicely?
>
> Rainer
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html