With regard to Java, the security issues lies within the implementation of the Java Virtual machine, which controls what a Java program can and cannot do. Generally the JVM is designed to protect the application from doing damage(malicious or unintentional) to the client environment. If there are breakdowns with this software barrier, then it is possible for a malicious java program to exploit this weakness.

With regard to ActiveX, security is limited by the knowledge and behavior of the end user. Within each ActiveX program there is a digital signature which identifies among other things the author and cosigners of the program. Since there are no data or security barriers once an ActiveX begins execution, it is up to the end user's judgement to determine if the program appears to be malicious.

Signed applets provide a means of bypassing the JVM's security barrier, which would then expose it to dangers similar to that of ActiveX. The only difference, however, is that Java enabled browsers provide a means of determining the cause of the damage from a bad signed applet.

1) ActiveX controls are written as DLL files. 2) They must be loaded into a container such as Visual Basic or Internet Explorer. They can not be run as standalone program/executable. 3) They can be written in various languages, such as C++ and Visual Basic. 4) They must be registered in the Windows registry. This is automatic performed as part of their installation. 5) They run as native Windows code. 6) They are optimized for download and execution speed. The need for ActiveX controls to be downloaded via relatively slow modem connections to the Internet required that their size be as small as possible. In addition their execution speed is very important to be palatable to the user.

A Java applet is a specialized Java program that is designed to execute within an Internet web browser, like Internet Explorer or Netscape Communicator. The web browser needs to be Java-enabled, which means that it has a Java Virtual Machine that can interpret and run the code. Java applets are identified with an APPLET tag within the HTML code.

A Java program is a multi-platform application that is written in Java that runs independent of the browser. The platform it runs on needs to have a Java Virtual Machine running so that it can interpret the code and run the program.

Applets and servlets are both Java programs, however their only difference is where they execute. An applet executes on the client host while a servlet runs on the server. One way to remenber this is using 2/3 tier C/S terminology: application -- applet, server - servlet.

For Java, a major feature is its ability to run unmodified on several platforms, which provides an easy means of moving applications from one platform to another. Since the architecture is platform independent, java programmers do not have to be well versed with the internal workings of the platform they are working on.

With Windows being the predominant operating system on desktops today, Activex has the means of reaching many end users within the same platform. This lends itself to a large community which can tailor an extensive variety of applications to a well known environment. By doing this, however, there is a tendency to exclude other platforms from the same kind of benefits, thus limiting the of ActiveX. The use of ActiveX applications introduces some security risks which also need to be dealt with. (See question 1 for more details).

Java provides a means of securing the application from the environment, however this can cause some end user performance issues. As a result, considerations should always be made with regard to the number of applets invoked by a page.