Re: flying pigs considered harmful

Line noise transmitted the message below unattributed; my apologies 
to Braden McDaniel.

>> [JPS:] The only 
>> way to obtain device upload does not even involve the INPUT tag 
>> (on Windows' MSIE, the OBJECT tag is used with an insecure 
>> "ActiveX" binary; on Netscape Navigator under Windows, the EMBED 
>> tag is used with a similarly insecure arrangement where the user 
>> must "Grant All" system privileges to the EMBEDed binary code.)  
> [BNM:] Yes, well, one could probably use OBJECT/EMBED to make pigs
> fly if one were so inclined and prepared to waive the relevant
> security precautions.

The security concerns are actually more significant than the "it 
won't run on my Mac/Unix workstation" -- at least for the majority 
that don't have Mac or Unix workstations.  Promiscuous use of 
insecure binary plug-in applications is another reason against 
>> If the W3C would just take a stand, and tell the browser vendors 
>> that in order to be compliant with the W3C Recommendations, if 
>> device upload is implemented then it should be available in a 
>> certain way, then they would probably conform to stay compliant.
> The W3C has defined conformance terms for HTML 4, CSS1, CSS2... And how
> many browsers conform to date? I'm a little bit skeptical that having the
> W3C stomp its feet would do a bit of good.

It is completely reasonable for the W3C to act in the general 
interest of web users.  Supporting device upload would be in 
their interest because of the reduced security concerns, the 
more widespread accessibility on a diversity of platforms, and 
the general utility of the services enabled for education, 
commerce and industry.  I believe the W3C will try to hold on 
to its leadership role in consumer protection pertaining to 
browser technology.


Received on Friday, 3 March 2000 04:57:45 UTC