Active (Captive) X negates two of the benefits I listed for Java. It is platform-specific (so far, although I believe MSFT has said they will make it available on Unix -- that implies to me that they will make Windows available on Unix, which I rather doubt) and it is less secure, since it gives potentially unlimited access to client hardware (Java achieves security partly by limiting access to local hardware).
Sorry for all the parentheses, but it seems the most efficient way to interject depth to the text -- can't hyperlink here, after all!).
As for ease of administration, my understanding is that the problem with Active X is really more a problem with Windows -- applications are required/encouraged to alter what really should be invariant parts of the system (e.g. via altering DLL's), so that no application can count on the system to exhibit expected/required behavior. I probably haven't explained that very well, and perhaps someone else can do better, or perhaps an example will help. Suppose I install a piece of software XYZ and (by loading a replacement DLL, VBX, or whatever), it alters a portion of Windows code relied on by software UVW. Then UVW might no longer work -- installing XYZ effectively broke it. That happens now with installation programs changing DLL's, and can happen similarly (as I understand it) with Active X.
My read of the viruses question is that because Java tightly controls the ways in which software may deal with the hardware, it should be immune to most of the more common/troublesome types of virus. However, physical access security is still key in my book. Furthermore, flawed implementations of the JVM may also allow attacks; these will probably be sorted out with time.
JMHO, as always. |
