Language Selection

English French German Italian Portuguese Spanish

Mac malware door creaks open

Filed under

Apple has been encouraging developers to create new widgets for Tiger's Dashboard--a semi-transparent layer of everyday, often-used applications such as a calculator or currency converter that appears over the user's desktop--but within days of its public release, one developer claims to have already found a way to turn widgets into potential malware.

Developer Stephan, who has posted the widgets to his blog, has created two mini-apps which he describes as "slightly evil." One widget, he says, will automatically install itself on users' desktops when his "Zaptastic" Web site is visited using Apple's Safari browser.

This, according to Stephan, is a golden opportunity for porn scammers, enabling them to auto-install widgets that can hijack browsers.

According to Stephan's blog: "I happen to like (auto-install). I think it's a great thing. But, as I have demonstrated here, it has the side effect of setting up a situation where a user can be given an application without their knowledge.

"That's not such a big deal; by default, widgets can't do much damage, and they can't run unless you drop them into your dashboard. The funny thing is that once that widget is there, according to Apple, you CANNOT remove it."

Full Story.

More in Tux Machines

Fedora 21 End Of Life

As of the 1st of December 2015, Fedora 21 has reached its end of life for updates and support. No further updates, including security updates, will be available for Fedora 21. A previous reminder was sent on 27th of May [0]. Read more

Open source Gov.UK is 'example of UK soft power'

In introducing Manzoni, Nefkens described the UK as a world leader in the “digital transformation of government”, a model even for similar schemes in the USA and Australia. Furthermore, New Zealand has used source code - it’s based on open standards and is open source - to help build out own digital services. Read more

New ELF Linker from the LLVM Project

We have been working hard for a few months now to rewrite the ELF support in lld, the LLVM linker. We are happy to announce that it has reached a significant milestone: it is now able to bootstrap LLVM, Clang, and itself and pass all tests on x86-64 Linux and FreeBSD with the speed expected of an LLVM project. Read more

Altair to Open Source PBS Professional HPC Technology in 2016

“Altair’s open source contribution is valuable and will help advance the work of the OpenHPC Collaborative Project,” said Jim Zemlin, executive director at The Linux Foundation. “By working together to build and extend new technologies for the world’s most complex computing systems, Altair and other members of OpenHPC can accelerate exascale computing.” The open licensing system is scheduled to be released to the open source community in mid-2016. Read more