Forum: Poser - OFFICIAL


Subject: RuntimeDNA site hacked

seattletim opened this issue on Apr 01, 2006 · 40 posts


j_g posted Sun, 02 April 2006 at 1:24 PM

www.codeproject.com is a very, very well-known and reputable site among developers. So a quick search in Google's newsgroups would turn up plenty of evidence that this is a legitimate and serious site. (And it's never a bad thing to check out a web site before you surf to it, if you have any doubt at all).

But if you have your IE security settings as described in that URL I posted in my first message here, then it wouldn't matter since the highest security setting disables ActiveX scripting. So definitely do read that previous article and utilize IE's Trusted Sites feature.

Unfortunately, if you have a site in your Trusted list, and that site is hacked, then you're completely vulnerable. I could easily deliver a malicious payload in the time that you took to read RuntimeDNA's joke. Easily. It's especially bad if that site uses passwords, and you have credit card info stored there. That's why RuntimeDNA's joke was very ill-advised. I don't know the people who run/moderate that site, and I'm not commenting upon their performance the other 364 days of the year. But this particular day showed the site in a very unfavorable way. I don't know if any of the people who posted above are representatives of the site, but if they are, instead of defending the "humor" of the "joke" and depicting people who appreciate the serious nature of online crime as overreacting (and other much less flattering depictions above), I would have advised them simply to say "We're sorry if we caused any concern to our merchants and customers. We didn't really consider all the ramifications of our April Fool's joke, and after due consideration, understand why it would cause concern." That would at least show a much less cavalier attitude toward security.

Frankly, if the sysadmin of a serious business had done this stunt, he would have been admonished by the site's owner at least, and perhaps fired if the institution handled personal/financial information of numerous people. (The likelihood of firing would increase dramatically if the "apology" for the joke remotely resembled the total lack of contrition and seriousness like what I've read above). I've seen this sort of stuff happen.

Message edited on: 04/02/2006 13:31

Message edited on: 04/02/2006 13:35