You’re reading all articles tagged 'security'

An end to Browser pimping?

23 Mar 2007

Thanks go to Doug March, who pointed me to an article on Ars Technica on Leopard (Mac OS X 10.5). In particular, it was this paragraph that Doug wanted to draw my attention to:

One more tip we got regarding Leopard, is that InputManager plugins are no longer allowed. That’s right… no more little hacks from anybody besides Apple. No more Apple menu hacks. No more Safari plugins.

Oh shit! No more InputManagers = no more useful plugins like Saft or Inquisitor. OK, the use of the word ‘plugin’ is up for debate (Haxie is maybe a more appropriate term), but these are little caffeine boosts to apps with no plugin API, and I for one love them.”

The article continues:

Apple isn’t really broken up about it since InputManagers were often used for nefarious purposes anyway,” our sources said, but the loss of InputManager control will break a lot of shareware and commercial software that currently makes use of that control.

It was news to me, but apparently InputManagers are a security risk. I was well aware of the chance of crashing and sluggish performance, but not malware using it to do BadStuff™ to your Mac.

What isn’t clear at this stage, is whether this applies to SIMBL, a method of applying hacks to a specific app. InputManagers load for every application, whether it’s intended for it or not, although not necessarily being active in those apps. SIMBL got around that and could be more targeted. I’ve asked Mike Solomon if he knows, but I guess until he gets his hands on Leopard, there’s no way to be sure.

It does mention that “InputManager is not exactly the same as APE, by the way”, so perhaps Unsanity’s APE (Application Enhancer) system could be used? I must say though, I’ve not had the greatest experience with their APE modules.

There is another way of course. Apple could develop a proper plugin API for their apps (Safari in particular), but something tells me that ‘giving up control’ is not something they’d want to do, and for good reason. As the Camino developers experienced recently, 3rd party plugins/hacks can really screw with day to day bug tracking and resolution.

Somehow, I can’t help feeling optimistic that someone somewhere will find a way, and a good way at that…


Instagram Hickstagram

  • 22 Oct 2018

    Inktober Day 22. Well, @hicksmade left me with a toughie to follow. Here’s my attempt at Dali taking his pet anteater for a walk. #inktober #inktober2018 #leighandjondoinktober #dali

  • 21 Oct 2018

    Inktober Day 21, another bird (sorry @hicksmade)! This is the Snipe that I watched from the hide at Rusty Common on Friday. Lovely birds with beaks that defy the body they’re attached to. #inktober #inktober2018 #leighandjondoinktober #snipe

  • 21 Oct 2018

    Common Darter Dragonfly

  • 20 Oct 2018

    Inktober Day 20: quick doodle without planning in pencil or looking at reference, which is usually a bad idea. Your turn @hicksmade! #inktober #inktober2018 #leighandjondoinktober

  • 20 Oct 2018

    Morning dog walk. Even the wheelie bins looked good in this light

  • 20 Oct 2018

    Inktober Day 19. Following @hicksmade’s marshmallows with more marshmallows 🤪 #inktober #inktober2018 #leighandjondoinktober #ghostbusters #staypuft

  • 18 Oct 2018

    Inktober Day 18. When @hicksmade did a prawn I was sure she was setting me up to do cocktails! #inktober #inktober2018 #leighandjondoinktober #cocktails

  • 18 Oct 2018

  • 18 Oct 2018

  • 18 Oct 2018

    Inktober day 17 . @hicksmade’s pen led me onto squid and their ink shooting abilities. I also found out that a part of the squids anatomy is called a ‘pen’. #inktober #inktober2018 #ink #leighandjondoinktober

Contact us

Call Jon on +44 (0)7917 391536, email or tweet @hicksdesign.

Alternatively, pop in for tea and cake at the studio…

Hicks
Wenrisc House
Meadow Court
Witney, OX28 6ER
United Kingdom