Re: lets vote for better security

Vanguard
Date: 04/11/05

• Next message: Stephen Oeffinger: "Re: security dhcp server"
• Previous message: Roger Abell: "Re: There needs to be an international policy"
• In reply to: Roland Hall: "Re: lets vote for better security"
• Next in thread: Roland Hall: "Re: lets vote for better security"
• Reply: Roland Hall: "Re: lets vote for better security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 11 Apr 2005 13:27:19 -0500

"Roland Hall" <nobody@nowhere> wrote in message
news:egn0nmoPFHA.1176@TK2MSFTNGP12.phx.gbl...
> "Karl Levinson, mvp" wrote in message
> news:eUiurZZPFHA.204@TK2MSFTNGP15.phx.gbl...
> : I also think it is
> : entirely technically possible for MS to un-bundle MSHTML from
> Windows.
> : Linux, Windows 3.x, etc. work just fine without MSHTML bundled in.
>
> When did Windows 3 every really work? Do you even realize what year
> it was
> when Windows 3.x came out or how many years later it took for the web
> to be
> born? (Please don't confuse web with net)

Way too long ago for me to positively remember so I had to go look at
http://www.computerhope.com.

    1989 Tim Berners-Lee coins "World Wide Web"
    1990 Gopher developed by Univ. MN
    1990 Windows 3.0
    1990 First web client and HTML appears
    1992 Windows 3.1 (3.11 added networking; separate add-on for 3.1)
    1993 Mosaic released
    1994 Netscape founded
    1994 W3C (Worldwide Web Consortium) founded

Until Mosaic appeared, end users were extremely rare that had a web
client (and there weren't many that had Mosaic). My recollection is the
web didn't explode until 1994 although I remember doing something with
it around 1992 (and recall that I thought it was dumb; boy, was I way
off). So it was only about a year, or two, after Windows 3.11 when the
"web" started to accumulate popularity but I don't think it became well
known until around 1996-1997.

So obviously it isn't necessarily or even possible to unbundle HTML from
an OS that didn't even know about it yet, like Windows 3.x.

> : > Internet Explorer 4.0 and later treat WSH objects as unsafe
> ActiveX
> : > controls.
>
> Really? What zone are you referring to?

This statement was taken directly from a Microsoft KB article
(http://support.microsoft.com/?id=188135). The article is a bit old but
I thought it still applied. The option "Initialize and script ActixeX
controls not marked as safe" is available in ALL security zones, so you
can set it in each security zone however you want. I don't remember
what is the default setting for this option (since I always up the
security even in the Internet security zone) but I'd guess that it is
disabled (because of the "unsafe" used to describe the option). If you
add the My Computer security zone so it is displayed in Internet
Options, this option is set to Prompt for me but, again, that zone has
been customized and I can't guarantee this is the default setting.

> : That doesn't sway me either. I never said WSH or IE should be
> disabled by
> : Microsoft post-Windows install, nor will it. It should be disabled
> in the
> : default installation and be disable-able by Group Policy.
>
> Group policy? How many home users are familiar with Group Policy?

Probably referring to corporate environments where you can actually push
the policy on the domain. Because of this, we had to run our own domain
to eliminate the IT department from screwing us over. When the iLoveYou
virus hit, I caught an IT guy at my computer putzing around and making
changes. He and IT got chastized because our desktops are not leased or
under control of IT and we need to know exactly on what platform we are
testing. We weren't the dummies opening attachments to execute them
that caused the infection in the corporate network (and we were in our
own separate network). It was the sales folks that infect the company.

-- 
____________________________________________________________
** Post your replies to the newsgroup - Share with others **
For e-mail Reply: remove "NIXTHIS", add "#VS811" to Subject.
____________________________________________________________

---

• Next message: Stephen Oeffinger: "Re: security dhcp server"
• Previous message: Roger Abell: "Re: There needs to be an international policy"
• In reply to: Roland Hall: "Re: lets vote for better security"
• Next in thread: Roland Hall: "Re: lets vote for better security"
• Reply: Roland Hall: "Re: lets vote for better security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: lets vote for better security ... :> When did Windows 3 every really work? ... can set it in each security zone however you want. ... :>: default installation and be disable-able by Group Policy. ... that caused the infection in the corporate network (and we were in our ... (microsoft.public.security) Re: Unable to drag and drop, also click on folders ... Enable Drag and Drop ... Remove Windows Explorer's default context menu ... How to Enable the My Computer Security Zone in Internet Options ... (microsoft.public.windowsxp.help_and_support) Re: Zone box problem ... Windows XP Shell/User ... See this article: 315933- How to Enable the My Computer Security Zone in Internet Options: ... (microsoft.public.windows.inetexplorer.ie6.browser) Re: close outlook window ... What I need is that the windows where the buttom is pressed, ... > settings and what security zone your Web site is in. ... > Reminder Manager, Extended Reminders, Attachment Options ... (microsoft.public.office.developer.outlook.forms) Re: How do you all manage employee workstations? Looking for sugge ... 314886 Some Issues to Consider If Windows XP Users Have Roaming Profiles ... Folder Redirection is a User group policy. ... client computer will be saved in one server box. ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)