April 23, 2008 @ 5:28PM —
Personally, I like tabbed browsers because I don’t like a clutter on my taskbar. Latest browsers these days have tabs. This is the feature that I like about Firefox since its first release. I advertised Firefox to co-workers and installed a version in each workstations. About two years ago, I removed all installations of Firefox at work and in my home PC. The reason is that Firefox is taking up so much of my resources when I am using it. Another reason is that since I work in financial services, I have to use IE5-IE7. Why? Because of ActiveX.
November 4, 2008 @ 10:18AM —
Everything at work are Windows-based. From old system to new, they are all programmed in Visual Basic and ASP. I’m currently deploying a web-based application for our agents and the application is written in ASP scripting. The application is not install-friendly nor it is portable. Since it is using ActiveX, it can only work in Internet Explorer (that is why I can never abandon this software). Also, I have to open security holes from the agents’ computers (the only thing I can do the most is add the site in the Trusted Zone). That means if they are using Vista, they would always received scary warning each time they use the application. In addition to that, a 10-minute setup would take me hours in Windows Vista.
So what is wrong with this setup? Well it is no secret that ActiveX is compromised. With that in mind, a firm like us should avoid it at all cost. There is a much better way to keep track of users and that is through digital certification. Public-key cryptography was so revolutionary that it ought to be used in situations like ours. Also, by abandoning ActiveX, portability issue is solved.
I hate to say this, but so far I’ve been interacting with web applications that are not (or are improperly) using digital certification. There are only 3 web applications that are properly using certification and it really resemble their reputation.
Why are programmers not doing this? My guesses are:
- Lack of knowledge in security.
- Lack of time.
- Lack of resources.
- Satisfied as long as the application works according to basic specifications.
In our case, it’s probably because it’s done in a rush and only a single person in-charge of web programming. How I wish I could setup a team and time to do this.
Recent Comments