Hardware Reference
In-Depth Information
There are two parts to ActiveX: the browser plug-in, which is like a player for the
ActiveX content, and the individual ActiveX controls that you encounter as you visit
websites. For example, an ActiveX control may run an interactive game within a web page,
or it may collect information from your system for diagnostic purposes.
ActiveX is a powerful web technology, but it can also be dangerous in the hands of criminals.
Therefore, when your browser prompts you to download an ActiveX control in order to display
a page's content, you should be very suspicious and make sure you trust the website. Some
browsers don't support ActiveX controls at all because of the potential security risks.
Java
is a programming language that works across multiple platforms (that is, multiple
operating systems and types of computer hardware). Many web programmers use Java
to write mini-applications for the Web as an alternative to using ActiveX.
JavaScript
is a
variant of Java designed for inserting code (scripts) on web pages.
From a security standpoint, using Java for web applications is considered somewhat safer
than ActiveX, because it doesn't interact with the underlying operating system. Instead,
Java is part of an environment that contains all the interactions within a closed bubble,
sometimes called a
virtual machine
, which exists only as long as that web page is displayed.
Cookies
In its raw form, HTTP is a
stateless
protocol. That means every exchange between a web
server and your web browser is a clean slate, with no memory of any previous exchanges.
Each time you visit a website, it's like you were never there before.
Have you ever noticed that, when you revisit some shopping sites, the page welcomes
you back by name, and even makes product suggestions based on your previous purchases?
This is possible because the site stores data about you and your previous activities in a
plain-text fi le in a hidden area of your hard drive. This text fi le is called a
cookie
.
Cookies can originate either from the main site you're visiting (a fi rst-party cookie) or from
one of the companies that has an ad on the page (a third-party cookie). Most web browsers
have separate settings for controlling and deleting fi rst-party and third-party cookies.
Cookies can also be temporary (session cookies) or permanent (persistent cookies). A
session cookie keeps track of your back-and-forth exchange with a website for as long as
that page remains loaded: that is, for the current session. If you close the web browser,
though, that cookie is deleted. A persistent cookie remains on your hard disk until you
delete it. Websites use cookies differently. For example, one website may use a session
cookie for a shopping cart, so that if you leave the site without making a purchase, the
next time you return your shopping cart is empty. Other sites may use persistent cookies
for a shopping cart, so that the next time you return to the site, the items you placed in the
shopping cart are still there.
Like many other “innocent” technologies on the Internet, cookies have been exploited
by aggressive advertisers. You can easily delete any (or all) of the cookies stored on your
system, or you can ensure that they expire after a time limit or when the browser is closed.
Cached Web Data
A
browser
cache
retains a copy of some of the fi les required to display the web pages you
visit. When you revisit a page, your browser may be able to reload certain fi les, such as the
