[Dashboard] Potential security issue

Steven Rogers srogers1 at austin.rr.com
Tue May 10 12:16:10 PDT 2005


On May 10, 2005, at 1:54 PM, Phillip Burk wrote:

> This is highlighted quite nicely by The Unofficial Apple Weblog:
>
> http://www.tuaw.com/2005/05/07/the-problem-with-widgets/
>
> Evidently it's possible to have a Dashboard widget installed just by 
> visiting a website

That's a good article in terms of putting things into perspective. 
While its kind of dumb to have things download automatically (IMO, the 
whole Dashboard is not yet ready for prime time). But all the tech news 
sites are going nuts with "Apple's new OS has a security flaw!" - which 
is a completely stupid interpretation. Its one thing to have a silly 
feature, and quite another to have an insecure *operating system*. Even 
though the thing downloads itself, YOU still have to run it.

The bottom line is that there's some risk involved in running 
downloaded software. Whether its a widget or something you get from 
Version Tracker. If you don't review the code, then you don't know what 
its doing.

SR



More information about the Dashboard mailing list