On The Insider: Adrian Brody to Star in New 'Predator'
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 11 of 51:
Next »
« Previous
Where does ZDNet get it's reporters from?
"Widgets, or small programs that automatically install after
downloading, were introduced in Tiger for the Dashboard,
which overlays the desktop."

Yes, and this was a stupid decision by Apple, but they have
at least patched the worst of it in 10.4.1 (ie auto install).

But who at ZDNet thought that the ranting of one
individual on a public mail list was worth reporting?

Even the charter of the list states:
"The [Full-Disclosure] list is unmoderated."

Widgets will run at the permission of the user as will any
code run by the user. The tie-in with sudo command is
ridiculous.

Apple has defined a good [url=http://developer.apple.com/
documentation/AppleApplications/Conceptual/
Dashboard_Tutorial/Security/chapter_10_section_1.html#//
apple_ref/doc/uid/TP40001340-CH210-
TPXREF101]security model[/url] for widgets, unfortunately
they haven't set the permissions of the dashboard to be
minimal by default (FIX IT APPLE).

But if this is the standard of security vulnerabilities worthy
of a ZDNet article I can think of another OS deserving a
couple of hundred articles;-)
Posted by: Richard Flude   Posted on: 05/21/05 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

This new OS is still beta  FADS_z | 05/20/05
You must be talking about...  Rick_K | 05/21/05
Your Head Is In The Sand  nikoli | 05/21/05
ok.. how about  doh123 | 05/23/05
Auto Install  nikoli | 05/23/05
That mature Apple is rotten on the ground  FADS_z | 05/22/05
Nothing "worser" than ActiveX. (NT)  b.d.hi | 05/21/05
No matter you are hi or lo.  FADS_z | 05/22/05
So you agree with him?  doe_z | 05/23/05
Not a chance...  BitTwiddler | 05/23/05
Where does ZDNet get it's reporters from?  Richard Flude | 05/21/05
Tie-in to sudo is *NOT* ridiculous  rpmyers1 | 05/21/05
Ridiculous spin  Steven Rogers | 05/21/05
You Spun The Spin  nikoli | 05/21/05
The tie-in is  Richard Flude | 05/22/05
Wrong  nikoli | 05/21/05
What?  Richard Flude | 05/22/05
Wrong Again  nikoli | 05/23/05
Clearly you do not know what you are talking about  Richard Flude | 05/24/05
do you understand what you read?  doh123 | 05/23/05
Doh = Dumb  nikoli | 05/23/05
Read the article  Apple ipod | 05/26/07
Drop Widgets like a hot potato  DarthRidiculous | 05/21/05
There's a difference  Qbt | 05/21/05
Take another sip of the M$ koolaid  DarthRidiculous | 05/21/05
Its not about the quantity of users  Steven Rogers | 05/21/05
So what you are saying is that...  Qbt | 05/21/05
The bottom line is this  TWRX | 05/21/05
OSX Is Not The Safest OS Ya Dumbass  nikoli | 05/21/05
Read the post you are posting to  DarthRidiculous | 05/21/05
I Read It Bro  nikoli | 05/21/05
Prove it.  Jkirk3279 | 05/23/05
Any *nix you can dig up  nikoli | 05/23/05
Use both  DarthRidiculous | 05/21/05
Slight correction, and comments  toadlife | 05/22/05
Correction to the correction  rpmyers1 | 05/22/05
Like download widgets in the first place  DarthRidiculous | 05/22/05
Back in the pre OSX days the vast majority of vri/worms  Laff | 05/23/05
I totally agree  toadlife | 05/23/05
Let me get this straight...  thetargos | 05/23/05
Nope  rpmyers1 | 05/23/05
this is funny  zeusfuse | 05/23/05
More of what hacks? So far all of this seems to be  Laff | 05/23/05
That's the funniest part about all this mudslinging  Jeff Spicoli | 05/23/05
Theoretical - AND EASY  rpmyers1 | 05/23/05
Which is what is being worked on as we speak is it not?  Laff | 05/24/05
Have you ever noticed...  alterego_z | 05/23/05
hmmm  IT Scion | 05/23/05
I'm uninstalling Tiger today  dzash2000 | 05/23/05
Apple, What were you thinking?  4pvl | 05/25/05
out of Microsoft's book  Apple ipod | 05/26/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
Click Here
advertisement