Java versus ActiveX

• ActiveX is not suitable for running untrusted code

  • Authorization with digital signatures and certs
  • User affects security policy on the fly by deciding who to trust

• Java is designed to run untrusted code safely

  • Sandbox model
  • The old “black and white” model is evolving fast

Previous slide

Next slide

Back to first slide

View graphic version