Microsoft is--ahem--actively seeking ways to augment the Authenticode digital signature and certificate security model used by ActiveX controls. The proliferation of the controls on the Net has finally caused Microsoft to realize that existing security measures are weak at best. Under consideration: HTML signing, proxy-server and firewall improvements, and a database that stores security status information.
HTML signing works by ensuring that an ActiveX control can only run when the Web page that contains the control is being viewed. Proxy-server and firewall improvements would allow network administrators to screen code in the same way that virus software scans for viruses, and then not admit dangerous controls. Microsoft is also looking into creating a database of Java applets and ActiveX controls, possibly maintained by a third-party company, that would act as a clearinghouse for the code and provide a seal of approval.
In a related development, the lack of ActiveX security allowed hackers in Germany to demonstrate a control on television that takes money from one bank account and deposits it--illegally--in another. Supposedly, a customer PIN will prevent this from happening, but the control fakes the computer into making the transfer. Microsoft will kick off an educational campaign in the coming weeks to alert people to safe ActiveX control usage: this sort of control can only do what it needs to do if people allow it to. This is fairly easy, however, since most people wouldn't realize the risk
