it is a specification. And it is possible to write safe, secure software using ActiveX. Just look at the banking systems in South Korea. They used ActiveX extensively, and put out services better and faster for it.
One problem with ActiveX is the same problem with any specification or language: people are willing to write crappy software regardless. Just because Facebook didn't write a safe plugin isn't ActiveX's fault. It can be done, they didn't take the time to do it.
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
