Dashboard Exploit

Discussion in 'macOS' started by sOwL, Oct 19, 2008.

  1. richard.mac macrumors 603

    richard.mac

    Joined:
    Feb 2, 2007
    Location:
    51.50024, -0.12662
    #2
    MO is dont install anything that you are unsure of its whereabouts or developer. looks to be a very simple example of malware.

    the user will have to click the widget each time to send a screenshot and each time the receiver probably wont get any useful information. if it appears the widget doesnt do anything the local user will probably just delete the widget.
     
  2. sOwL thread starter macrumors 6502

    sOwL

    Joined:
    Sep 25, 2007
    Location:
    Nerd Cave
    #3
    well as i always used to say, most of the times there has to be an ignorant user to help a nasty program to harm his computer, but after understanding this article, think about a user uploading such a widget in apple's website. Its very easy to trust widgets hosted on apple's website. What im not sure about though, is if apple checks the code of the widgets it hosts or not...
     
  3. savar macrumors 68000

    savar

    Joined:
    Jun 6, 2003
    Location:
    District of Columbia
    #4
    Its not very clever, but it seems effective. Apple should probably do more to let the user know what kind of rights a widget is going to request.
     

Share This Page