|but gewg_, after all that talk I've done nothing and never been infected.
| Lee
|
I hope you knocked on wood when you said that.  8-)

|I've heard the talk from day one too, and still no problems here.
|
...and knocked again after that.
Your anecdotal report aside, it happens to folks all the time.
(The *more savvy than the average Windoze user* thing is in your favor.)

|Unlike the global warming issue where the sky IS actually falling,
|this issue has no casualties that I'm aware of at all,
|
We see people with infections here all the time.
The fact at some of those infections are ActiveX-related isn't acutely obvious
simply goes to the prevelance of Windoze exploits in general ISTM.
Most folks don't want to *know* what the infections are
(they just want to get rid of the problem and move on)
so we generally don't see reports back on what specifically caused the problem
and the ones that do report back don't generally say "ActiveX-related"
because the virus cleaners don't make a point of revealing that.

|just way too much drum pounding from people like you.
|
If a small percentage see the logic,
that will be that many fewer getting infected AND PASSING ON THE INFECTIONS.

Over time, the other folks will increasingly see and hear others advise the same.
After folks who haven't heeded the advice get infected for the nth time,
perhaps they'll look back retrospectively.

|In order to get infected with a malicious ActiveX agent[,]
|one almost has to be so stupid as to deserve it.
|
This reminds me of the "added security" in Vista.
Many people get so tired of the pseudo-security UAC pop-ups
that they just automatically click *Accept* or they disable UAC.

To address your point:  When there is a flurry of pop-ups on a website,
it's not difficult for a black hat to slip a malicious one into the pack.
Even cautious users are apt to inadvertently click one of those
without reading what the dialog says.
An obvious defense is to use a browser that isn't "more powerful" than is required.
[1]

|Almost just like opening email attachments from unknown sources.
|
True. It's not so different--once you remove the *flurry* aspect WRT sites & M$IE.

|I don't expect you to change, I just wanted to explain the vast silence you hear
|in answer to your never ending drum beat.
|
The non-M$-browser-adoption statistics say that I'm on the side of the angels.
Folks are getting tired of getting infected
--and the really sharp ones are realizing that
having unnecessary, easily-exploitable "features" in their browsers is dangerous.


[1] A Gecko-based browser (Firefox, SeaMonkey, etc.) with the PrefBar extension
(or the NoScripts extension, among others) is a popular way for folks
to not have to deal with A LOT of the crap some site builders put on their pages.

(User-built) Gecko extensions make web surfing SO much more pleasant.
Open source software is SO much cooler than proprietary software.

• Reply or follow-up to this message

• Search this forum
• Start a new thread on a different subject

• Report abuse of the forum