The Technology blog and podcast

why the tpl and activex filtering are bad ideas

Hi all.
well well, well.
ie10 has 2 new features both of which in theory are sound enough but in reality suck.
1. tpl
the tracking protection list or tpl is in theory supposed to be able to stop sites tracking you.
at the cost however of say a site you want to track you or save a cookie like your game you want to play online or some other stuff.
there is probably a way to trust but so far havn’t found a reason to even use tpl.
Now activex filtering.
essentually it stops all activex controls running on your system whilst in internet explorer.
Fine!
this lets you control what should run on websites.
again from a security standpoint fine.
If you trust a site you can allow it from the command bar in ie.
all thats fine.
Now my gripes.
if you go to a site that is filtered and blocked there will be no notification at all that there is a filter option at least for the blind.
The other thing I dislike largely is how some of the articles were written.
The official ms article states and I quote “most activex controls are made by third parties and not by microsoft”
So I assume therefore if I was a hacker and made a trogen called it an ms addin for say xml or something that it would launch.
And can we assume that ms will block anything that is not made by it.
Who knows will it lead into oses.
I can imagine installing say jaws and finding it not working because its not narator which is used by microsoft.
In fact if you don’t have a ms program on your system they may not work because they are not microsoft.
For that reason I think all the extra security stuff in ie 10 should be disabled because microsoft clearly doesn’t want you to run anything that is not by it.
This may not be the case, but it worries me that ms can say that inosent extra filters will give you more control and all that but the fact it hints that ms stuff is all that will work is worrying.
It could also be construde with the following line
“activex controls could allow a hacker to control your system”
From that I can assume that if activex filtering is working then ms doesn’t need to release any remote updates for any hackers that get in after all with only ms software in their systems it won’t matter.
I found out how to fix it so that a site would work as it supposed to do, however the fact you are not ified worries me greatly at least for the blind there is no ding nothing.
nothing on the alt n bar.
I spent most of today reinstalling flash and almost reformatting because a notification never came up.
I can see where this site will work.
and for me, if I added the sites I used needing activex to the trusted zone and turned off filtering in that zone that would rock.
however I have no idea what sites the intel driver updaters link to as well as a few other things.
its easier to just bin that feature all together.
later all

Comments (0)

the qube has been updated

Just a note in regards to the Qube, a blind accessible program for
Twitter. It fixes an issue where I was getting reports of it not
starting say if you shut it off for some reason, and restart it. They
say to stay tuned for news on twitter’s 1.1 api news as it will effect
this and other programs.

Quartz Projects home page

The site is in the form of a blog now, and they don’t seem to have a
post dealing with this. Their twitter feed has a
link to the beta 5 installer should you need it. Enjoy!
—
Jared Rimer
The Technology blog and podcast
https://technology.jaredrimer.net

Comments (0)

Technology blog and podcast, podcast 177 is now available!

Edited on 3/14 for HTML issues.

Get your copy via the RSS feed. Here are the show notes.

---

Welcome to podcast 177 of the Technology blog and podcast. This podcast has been marked as time allows right now, and I have time to do one because we have a topic. There’s A Secret Internet For Drug Dealers, Assassins, And Pedophiles is the article I posted on this blog as well as the AMW Reloaded blog. AMW Reloaded’s Jared Rimer, Janet Quam, and Melissa Harrell talk about the article. Then, Steve Gibson from GRC from Security Now has his segment from episode 394 which I cut from that podcast. I hope to have more podcasts when I have something of interest to talk about without reairing everything under the sun. Enjoy!

Comments (0)

Internet porn means birds ‘n’ bees talk comes earlier, says expert – TODAY.com

Internet porn means birds ‘n’ bees talk comes earlier, says expert – TODAY.com.

This is an interesting article only because it has topics I’m interested in, although porn itself isn’t all that interesting as it is visual. I’m curious what people think of Hellen’s article? Me, I’m thinking if you’re using technology at 10 and surfing the Internet, you should learn how to be safe, and if that means that you need to talk to your kids about such things, then feel free. I heard something about kids using ipads and iphones as young as 2 years of age. Thats very young, but too young to have such conversations about the Net and what it has on it. Thoughts are welcome, feel free to comment in the comments. It is something to pay attention to anyway.

Comments (0)

Coming up on a future podcast of tech

Well,
Its been a long time since we’ve done a podcast, and boy do we have
a topic. TOR version 2 was released, and I put an article about it here
on the blog. AMW Reloaded’s Janet Quam, Melissa Harrell and I talk
about the article in a news type of segment. We’ll also put together
the segment from Security Now about the TOR updates. All that on a
future update.

Comments (0)

Walkthrough Of Tor, Silk Road, Deep Web – Business Insider

Walkthrough Of Tor, Silk Road, Deep Web – Business Insider.

This is something I think you should read. A two page article dealing with the underworld using TOR, although like it says, there are uses that are legal with the service. I’ve never tried it, I wonder if it is accessible?

Comments (0)

go to sections menu

---