ACTIVEX, MICROSOFT, ACCESSIBILITY, AND THE POLITICAL STRUGGLE

From: Brian Buhrow (buhrow@lothlorien.nfbcal.org)
Date: Tue May 14 1996 - 07:49:01 PDT


        Hello fellow research gurus. I don't know how many of you are familiar
with the ActiveX technology that Microsoft has been developing. This
technology is based upon their OLE (Object Linking and Embedding)
technology. Along with their off screen model, which is currently being
re-worked, this technology promises to make Windows 95, NT, and Nashville
accessible to blind and partially sighted users. This technology, in its
simplest form, is a collection of software hooks that access technology
vendors can use to access information which is on the screen of the
computer and present it to the blind user. However, this technology is
more powerful than that, allowing software to probe the bowels of the
operating system looking for useful information, read files from the disks
on which it is running, and, I believe, launching helper applications to
allow the access application to take advantage of multi-media presentations
to present its information. In short, ActiveX is a powerful way of
programmatically accessing the operating system, and either extracting
information from it, or making it perform certain tasks.
        Most of you are also probably familiar with Java, that web-based
programming language developed by Sun Microsystems and which is touted to
be the only platform independent language in which the compiled software
can run on a variety of unrelated hardware. The idea is that when one
down-loads a web page, instead of the contents consisting of HTML commands
to manipulate the text which appears on the user's screen, one gets a
compiled collection of instructions which comprise a web application which
runs on the CPU where the browser is running. Theoretically, this
application can do anything that a standard application can do. It can
open files, print displays, drive printers, launch applications, etc.
Although Sun has tried to develop Java and Java interpreters which secure
the machines on which they run from unwanted security breaches, several
prominent university types have pointed out that the very power of Java
means that there will always be some risk of unwanted activity from hostile
applications. The difference is, however, that because transmission and
execution are so transparent, and can happen as one surfs over a web page
on his way to something more interesting, the risk of infection is far
greater than it was with any disk based virus.
        Rather than talking about Java and ActiveX explicitly, however, I would
like to talk about one of the challenges of accessibility that face us in
this brave new era. This is the political challenge of convincing
potential employers, universities, government institutions, and friends
that it is in their best interest to install the ActiveX accessibility
tools and to configure their systems to allow access tools free rein over
the computing environment. I was reading a paper yesterday in which the
author asserted that the security problems of Java were serious, but that
they were nothing when compared with the security implications of ActiveX.
Because, as Sun says, the network is the computer, and because many of the
facilities these software hooks use communicate using networking facilities
inside the operating system, many of the advantages an accessibility
application gains by running on the same machine as the productivity tool
are available to machines connected to the machine running ActiveX via the
network. Conversely, a well crafted application running on the ActiveX
machine could potentially launch attacks against other machines on the local
corporate network. If this machine is running ActiveX and Java, the poor
user could be giving away the company store as he or she searches the web
for the answer to some customer question.
        Another security implication of this technology is that if the blind user
needs to use a machine which also provides essential services to a
corporation, for the purpose of administering it, that machine either has
to be re-configured in such a way as to be accessible during the time it is
being used by the blind person, or it has to be configured in an accessible
manner all of the time. Neither of these conditions is really desirable,
either for the corporation, or the blind user. For example, if the blind
user has to go through a twenty minute procedure to make the machine
accessible in order to use it, and a twenty minute procedure when he is
finished, it would be hard for him to argue that he could accomplish the
same amount of work in the same amount of time as a sighted user. However,
if the machine is always configured to be accessible, then there is
an increased risk of attack from an unwanted outside source.
        These issues are not new and are not limited to users who need alternative
access to computers, but to date, I have heard virtually no discussion of
the security issues surrounding access technology, and what steps are to be
taken to ensure access while providing adequate security. To give you a
real life example of what I mean, let me tell you about a small incident
that took place during the Access 95 conference Microsoft put on last July
and which many of you attended. As many of you know, Microsoft is touting
NT as its answer to the business problem of providing services to many
people with one machine. If a machine is providing many services to many
people, then the operating system, NT, is responsible for ensuring that
users of a particular service do not have access to information or
applications being used by other services unless access has been explicitly
granted. With this framework in mind, a programmer stepped up to the
podium of the conference last July and began talking about the steps
Microsoft was taking to make NT accessible. After he had been talking for
a while, one of the screen access vendors stopped him to ask him if there
was a global way of capturing input from the primary keyboard of the
machine. The programmer paused, then admitted that there was indeed a way
for an application to see everything that went by on the computer's
keyboard. Nothing more was said on the subject, but the ramifications of
that statement are far reaching when one considers that the computer in
question might be located in a secure area, where administrators feel
comfortable typing confidential information into the machine, never knowing
that an accessibility program running on the machine is shuttling their
keystrokes off to some industrious hacker in the next building.
        I do not pretend to understand all of the nuances of this problem, but I
believe we, as blind technologists, need to understand the implications of
the technology being developed for our use, and what needs to be done to
make it secure. The last thing we want as blind professionals is a
technology which cannot be accepted in the corporate world because it
leaves all of the electronic doors unlocked for any trespassers to stop in
and have a look.
        I'd like to see some feedback on this topic, and to generate discussion
on how we might further this process.

-Brian



This archive was generated by hypermail 2b29 : Sun Dec 02 2012 - 01:30:04 PST