Yeah, Dashboard sounds a lot like ActiveX and those of us on the PC side know how un-safe those controls turned out to be.
--- Rex. -----Original Message----- From: owner-macgroup at erdos.math.louisville.edu [mailto:[EMAIL PROTECTED] On Behalf Of Lee Larson Sent: Wednesday, May 11, 2005 10:03 PM To: Macgroup Subject: MacGroup: Dastardly Dashboard It looks as though Apple has gotten caught in an uncomfortable place with Dashboard. It turns out that the default install of Tiger+Safari has opened up a potentially nasty security hole. Several people have demonstrated that Safari can be used to install a Widget in the Dashboard in the background while you are looking at a Web page. If you're running Tiger, go into your Safari preferences and turn off the feature letting it run "safe" files. Here's an example of one of the wicked widgets. (I have put in an extra xxx- to make sure nobody blindly clicks it.) It's safe to look at the page with non-Safari browsers. <html://xxx-stephan.com/widgets/zaptastic/> From the beginning the Dashboard looked like a pretty lame feature to me, but now I'm very underwhelmed with its security. For some reason Apple is going out of its way to avoid putting multiple/ extended desktops in Mac OS X, and is instead relying on flashy, dubious desktop layering with Dashboard and Expos?. Every other Unix desktop has this right, and Apple is stubbornly refusing to admit a mistake. Or maybe The Steve thinks multiple desktops are too complicated for his users. | The next meeting of the Louisville Computer Society will | be May 24. The LCS Web page is <http://www.kymac.org>. | List posting address: <mailto:macgroup at erdos.math.louisville.edu> | List Web page: <http://erdos.math.louisville.edu/macgroup>
