Is ActiveX used on IE?

Edit Subject

We are writing some docs for enterprise (locked down) installation of our Crossrider plugin. The question has come up -- what exactly is the extension's underlying toolkit (on IE) -- is it ActiveX, or something else?

1 person has
this question +1

0

Edit

Delete

Remove

Official

Fork

Bryan Field-Elliot July 24, 2013 04:12

Actually to make this question more useful --

Are there any security settings in IE (or Windows in general) which might cause trouble to end users installing the IE version of our extension?

Comment

good answer! good answer! (undo)
- Cancel
Edit Your Reply (some HTML allowed)
What's the status of this question?

Actually to make this question more useful -- Are there any security settings in IE (or Windows in general) which might cause trouble to end users installing the IE version of our extension?

How does this make you feel? Add Image

I'm
e.g. sad, anxious, confused, frustrated indifferent, undecided, unconcerned happy, confident, thankful, excited kidding, amused, unsure, silly
Cancel
EMPLOYEE

0

Edit

Delete

Remove

Official

Fork

Shlomo (Official Rep) July 24, 2013 07:29

Hello Bryan,

Our IE extensions are built using BHO technology which in general is not affected by windows settings.

However, specific programs may theoretically interfere (e.g. AV products that are overly zealous, or registry cleaners) but we have not had any reported issues of this kind to date.

Comment

good answer! good answer! (undo)
- Cancel
Edit Your Reply (some HTML allowed)
What's the status of this question?

Hello Bryan, Our IE extensions are built using <a href="http://en.wikipedia.org/wiki/Browser_Helper_Object" target="_blank">BHO</a> technology which in general is not affected by windows settings. However, specific programs may theoretically interfere (e.g. AV products that are overly zealous, or registry cleaners) but we have not had any reported issues of this kind to date.

How does this make you feel? Add Image

I'm
e.g. sad, anxious, confused, frustrated indifferent, undecided, unconcerned happy, confident, thankful, excited kidding, amused, unsure, silly
Cancel
0

Edit

Delete

Remove

Official

Fork

cyberdude July 24, 2013 14:02

Shlomo:
Not entirely correct, I remember seeing reports of Norton (and Nod32?) reporting extensions as malware.
This was 9-10 months ago.
This is most likely due to the Search hijacking Monetizing functionality.
This issue is one of Crossrider's largest flaws. Googling Crossrider doesn't put up many positive results, due to the Monetizing functionality being flagged as Malware.
This is a shame, and I hope Crossrider team will work towards getting rid of this image. Probably having to reconsider the Monetizing options provided in Crossrider .
I'm not sure whether Norton still recognizes crossrider extensions as malware, or whether they only do when Search hijacking monetizing is enabled, maybe someone can shed light on this?

Comment

good answer! good answer! (undo)
- Cancel
Edit Your Reply (some HTML allowed)
What's the status of this question?

Shlomo: Not entirely correct, I remember seeing reports of Norton (and Nod32?) reporting extensions as malware. This was 9-10 months ago. This is most likely due to the Search hijacking Monetizing functionality. This issue is one of Crossrider's largest flaws. Googling Crossrider doesn't put up many positive results, due to the Monetizing functionality being flagged as Malware. This is a shame, and I hope Crossrider team will work towards getting rid of this image. Probably having to reconsider the Monetizing options provided in Crossrider . I'm not sure whether Norton still recognizes crossrider extensions as malware, or whether they only do when Search hijacking monetizing is enabled, maybe someone can shed light on this?

How does this make you feel? Add Image

I'm
e.g. sad, anxious, confused, frustrated indifferent, undecided, unconcerned happy, confident, thankful, excited kidding, amused, unsure, silly
Cancel
EMPLOYEE

0

Edit

Delete

Remove

Official

Fork

Shmueli Ahdut (Employee) July 25, 2013 19:28

Cyberdude,

First of all, there is no such thing as a search hijack functionality on Crossrider.
I can personally guarantee this to you. There are some blog around claiming for search.crossrider.com but we do not provide such service and we don't have our own search.

We do have other monetization features that we see as benefecial to the users such as Coupons, Price Comparison and Cash back tools. Have these kind of monetization allows us to empower our developers with tools to generate revenues with the extensions they have built over our platform.

Regarding the AV flags you are mentioning, Anti Virus softwares are known for their false-positive flagging and we are continuously working with them to remove any false flaggings when found.

AV sometimes even flag their own updates as malware as you can read in this post:
http://www.theregister.co.uk/2011/10/...

Hope this helps and does shed light on your inquiry.

Comment

good answer! good answer! (undo)
- Cancel
Edit Your Reply (some HTML allowed)
What's the status of this question?

Cyberdude, First of all, there is no such thing as a search hijack functionality on Crossrider. I can personally guarantee this to you. There are some blog around claiming for search.crossrider.com but we do not provide such service and we don't have our own search. We do have other monetization features that we see as benefecial to the users such as Coupons, Price Comparison and Cash back tools. Have these kind of monetization allows us to empower our developers with tools to generate revenues with the extensions they have built over our platform. Regarding the AV flags you are mentioning, Anti Virus softwares are known for their false-positive flagging and we are continuously working with them to remove any false flaggings when found. AV sometimes even flag their own updates as malware as you can read in this post: http://www.theregister.co.uk/2011/10/26/avira_auto_immune_false_positive/ Hope this helps and does shed light on your inquiry.

How does this make you feel? Add Image

I'm
e.g. sad, anxious, confused, frustrated indifferent, undecided, unconcerned happy, confident, thankful, excited kidding, amused, unsure, silly
Cancel
0

Edit

Delete

Remove

Official

Fork

cyberdude July 25, 2013 23:44
Shmueli:
I'm perfectly aware of false-positives, but still doesn't change the fact that Shlomo wrote:
"but we have not had any reported issues of this kind to date"
When there are examples of such reports about Norton in this very "forum".

Whatever the intention with the monetizing options I am also perfectly aware about, but that still doesn't change the fact that malware scanners often detect such stuff as unwanted malware.
Especially Search replacement and in-text ads.
I have not tested your monetizing options yet, and I sure hope the installation process gives users an option to disable the options, otherwise I'm sure this could be cause of many of malware flags on Crossrider software.

So I still stand by my former post.

Also seeing your co-workers (and you) claiming that search.crossrider.com is not in use is (sorry to say it) a bit pathetic. It might not be in use now, but it sure was 1 year ago (Which incidentally is also when the reports about search.crossrider.com appears from).

Wayback archive machine, shows that search.crossrider.com was in use during 2012 (Showing content of crossrider.com) until somewhere in between 16th of June 2012 and 24th of June 2012. Then it stopped.

In a response to a question on Stackoverflow from 4 days ago, a Crossrider employee (http://stackoverflow.com/questions/17...) claims that
```
Not sure 100% about the search.crossrider.com thread you have mentioned but as we do not have any affiliation with this subdomain (in fact, it does not even exists on our DNS records)
```
Which again is not entirely correct.
Resolving various crossrider domains and subdomains gives the following result:
- crossrider.com [199.83.134.103]
- asdftest.crossrider.com [199.83.134.103]
- static.crossrider.com -> cds.d7u4j9w2.hwcdn.net [69.16.175.10]
- docs.crossrider.com [208.85.150.251] which reverse resolves to beta01.c44913.blueboxgrid.com
- search.crossrider.com [208.85.150.252] which reverse resolves to analytics-staging.c44913.blueboxgrid.com
Which clearly shows that default wildcard * dns resolves to 199.83.134.103 where the main website is located. Static and other content is located at CDN networks, docs is located on another server at 208.85.150.251
And incidentally search.crossrider.com resolves to yet another server/ip located in the same range as the docs.crossrider.com.
The IP doesn't (currently) seem to lead anywhere. However the DNS clearly DOES resolve in it's current state, which is not on par with the message from the crossrider employee 4 days ago on stackoverflow.

I'm not trying to pick you apart as I am currently in "love" with the Crossrider framework.
I'm fairly trusting you, and I fully understand that the search.crossrider.com malware could have been used as a disguise while the real culprit hijacked the search results by DNS (Hosts file) hijacking search.crossrider.com to point to somewhere that you don't have control over. This is very plausible.

What I don't like is that I have in this single post outed two wrong statements made by Crossrider employees. This I'm not so happy about.

Sorry for wall of text, and calling out mistakes. However, I do feel that on this matter, everything needs to be put forward in order to gain trust.
I also spent 14 days crawling the web for information about Crossrider, because of the linking to malware, until I jumped on board.
Comment

good answer! good answer! (undo)
- Cancel
Edit Your Reply (some HTML allowed)
What's the status of this question?

Shmueli: I'm perfectly aware of false-positives, but still doesn't change the fact that Shlomo wrote: "but we have not had any reported issues of this kind to date" When there are examples of such reports about Norton in this very "forum". Whatever the intention with the monetizing options I am also perfectly aware about, but that still doesn't change the fact that malware scanners often detect such stuff as unwanted malware. Especially Search replacement and in-text ads. I have not tested your monetizing options yet, and I sure hope the installation process gives users an option to disable the options, otherwise I'm sure this could be cause of many of malware flags on Crossrider software. So I still stand by my former post. Also seeing your co-workers (and you) claiming that search.crossrider.com is not in use is (sorry to say it) a bit pathetic. It might not be in use now, but it sure was 1 year ago (Which incidentally is also when the reports about search.crossrider.com appears from). Wayback archive machine, shows that search.crossrider.com was in use during 2012 (Showing content of crossrider.com) until somewhere in between 16th of June 2012 and 24th of June 2012. Then it stopped. In a response to a question on Stackoverflow from 4 days ago, a Crossrider employee (http://stackoverflow.com/questions/17772721/crossrider-extensions-are-they-safe) claims that <pre>Not sure 100% about the search.crossrider.com thread you have mentioned but as we do not have any affiliation with this subdomain (in fact, <b>it does not even exists on our DNS records</b>)</pre> Which again is not entirely correct. Resolving various crossrider domains and subdomains gives the following result: <ul> <li>crossrider.com [199.83.134.103]</li> <li>asdftest.crossrider.com [199.83.134.103]</li> <li>static.crossrider.com -> cds.d7u4j9w2.hwcdn.net [69.16.175.10]</li> <li>docs.crossrider.com [208.85.150.251] which reverse resolves to beta01.c44913.blueboxgrid.com</li> <li>search.crossrider.com [<b>208.85.150.252</b>] which reverse resolves to analytics-staging.c44913.blueboxgrid.com</li> </ul> Which clearly shows that default wildcard * dns resolves to 199.83.134.103 where the main website is located. Static and other content is located at CDN networks, docs is located on another server at 208.85.150.251 And incidentally search.crossrider.com resolves to yet another server/ip located in the same range as the docs.crossrider.com. The IP doesn't (currently) seem to lead anywhere. However the DNS clearly DOES resolve in it's current state, which is not on par with the message from the crossrider employee 4 days ago on stackoverflow. I'm not trying to pick you apart as I am currently in "love" with the Crossrider framework. I'm fairly trusting you, and I fully understand that the search.crossrider.com malware could have been used as a disguise while the real culprit hijacked the search results by DNS (Hosts file) hijacking search.crossrider.com to point to somewhere that you don't have control over. This is very plausible. What I don't like is that I have in this single post outed two wrong statements made by Crossrider employees. This I'm not so happy about. Sorry for wall of text, and calling out mistakes. However, I do feel that on this matter, everything needs to be put forward in order to gain trust. I also spent 14 days crawling the web for information about Crossrider, because of the linking to malware, until I jumped on board.

How does this make you feel? Add Image

I'm
e.g. sad, anxious, confused, frustrated indifferent, undecided, unconcerned happy, confident, thankful, excited kidding, amused, unsure, silly
Cancel