Bottom line? If everyone was honest, then we'd not even concern ourselves with dangers from these two bits of software? Yes? No?
The problem is that harmful code can be written in them and with ActiveX, it can invade your OS and screw you up royally yes? Java is a bit safer I gather because it comes in a sandbox that won't let it upset the OS--unless the sandbox code has holes in it.
So...Microsoft and Sun MicroSystems provide for you to read or accept a (Verisgn or other) guaranteed signature, as it were, that a given ActiveX or Java program is safe. Is that correct?
But does each and every ActiveX or Java software come with a guaranteed signature. I mean memory tells me I've downloaded or used online such programs and there was no guaranteed signature for some little program like one I played with that let you turn a cube any old which way by moving your mouse over it. So is this an inconsistency or is it maybe not every last such program needs a sigrnature? And I mean doesn't MS use ActiveX in its IE browser. I go there a lot and click many MS links to other MS pages but I've never seen a signature popup there.
So what is it I am not aware of?