I don't know about you, but when I get that little box stating a site wants to install an ActiveX control, my first impulse is to hit the NO box, quickly followed by the BACK key. This may seem a bit paranoid, but I use my computer all day long and I depend upon it for business and pleasure. Why would I want to put it at any risk for some silly little ActiveX control? The web is a huge place and there are plenty of other sites to look at.

My advice to anyone is generally don't allow ActiveX controls to be installed from anywhere except for really big sites like Microsoft. It's just too difficult to judge how safe or unsafe the control happens to be.

How is this different from Java? Well, Java has an entirely different security model which does not make the assumption that the user has been educated about the specific Java applet. Java sets specific rules to what an applet can and cannot do, and generally these rules do an excellent job of preventing damage to a system (there have been bugs but no where near as many as with ActiveX).

On top of the security concerns, ActiveX only works in Internet Explorer. Yes, I know there is a plug in for Netscape but it's slow and not very usable. Besides, most Netscape users don't have it installed. If you are designing a web site, please consider this very carefully. If you include ActiveX controls you are losing as many as 50 percent of your visitors. Next Page