On May 13, 2011, at 19:17, Eric Carlson wrote:
I don't know of exploits in the wild, but I've read about
proof-of-concept exploits that overwhelmed the user's attention visually
so that the user didn't notice the Press ESC to exit full screen
message. This allowed subsequent UI spoofing. (I
On Sat, May 14, 2011 at 11:49 AM, Eric Carlson eric.carl...@apple.comwrote:
It seems to me that the right way to fix the problem is let people know
it is sloppy code, not to figure out a way to work around it.
The basic problem is that it isn't sloppy code: it's correct for almost all