|
|
10.5 forces a "Cancel or Allow" for Downloaded apps!!
|
|
|
|
Mac Elite
Join Date: Aug 2005
Location: Vancouver, BC
Status:
Offline
|
|
OMG..... a MAJOR pet peeve instantly appeared when I tried to install my favourite little app.......
I can't find anywhere to turn this off..... it's going to drive me insane very fast.
|
|
|
|
|
|
|
|
|
Professional Poster
Join Date: May 2007
Status:
Offline
|
|
You can't. But do you download apps that often? it's only the first time you run a downloaded app that it does that.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Frankly, it's a good idea. It keeps apps from masquerading as a GIF by faking their icon, and it's a hell of a lot less annoying than that "This archive could contain an application. Are you sure you want to continue downloading this?" dialog that was in Tiger.
|
|
|
|
|
|
|
|
|
Professional Poster
Join Date: May 2001
Location: Hampton Roads, VA
Status:
Offline
|
|
Yeah this is a great addition IMO.
|
All glory to the hypnotoad.
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2005
Location: Vancouver, BC
Status:
Offline
|
|
Originally Posted by adamfishercox
You can't. But do you download apps that often? it's only the first time you run a downloaded app that it does that.
Actually I do download apps a lot. I'm one of those people who are always downloading this bit of shareware or that just for the heck of it. I just find this very irritating, not to mention hypocritical of Apple, after the ads they put out, making fun of Vista for the exact same reason.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status:
Offline
|
|
Vista lite
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Sep 2001
Status:
Offline
|
|
Hey, that's awesome. That's nice that it tells you it was downloaded and where from. It only shows it once, so no biggy.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2005
Location: Los Angeles, California
Status:
Offline
|
|
gradient:
I think you're going overboard here. The dialogs in Vista are MUCH more numerous than that, asking you to cancel of allow things such as changing the date. please educate yourself before you make statements based on no fact.
This is a prudent security measure on Apple's part, imo.
|
Linkinus is king.
|
|
|
|
|
|
|
|
Professional Poster
Join Date: May 2007
Status:
Offline
|
|
It just replaces the existing one in Tiger, which is much more annoying.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Originally Posted by brokenjago
gradient:
I think you're going overboard here. The dialogs in Vista are MUCH more numerous than that, asking you to cancel of allow things such as changing the date. please educate yourself before you make statements based on no fact.
This is a prudent security measure on Apple's part, imo.
No way. If Vista has overdone security, than OS X should have no security at all.
Just like if there's a guy next to me that eats too much and is overweight, now to avoid a comparison I have to abstain completely from food until I wither away and die.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2005
Location: Vancouver, BC
Status:
Offline
|
|
Originally Posted by brokenjago
gradient:
I think you're going overboard here. The dialogs in Vista are MUCH more numerous than that, asking you to cancel of allow things such as changing the date. please educate yourself before you make statements based on no fact.
This is a prudent security measure on Apple's part, imo.
True, I was exaggerating by saying they are exactly the same, but flinging stones isn't exactly called for. One person's prudent security is another's pain in the neck.
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Aug 2007
Status:
Offline
|
|
I for one am excited about this feature. Coupled with the firewall, this provides a rock-solid defense against malware, both more thorough and less annoying than signature-based anti-virus programs. I made a thread a while ago about the concept of whitelisting all good executables and blocking everything else, but this system is potentially even better: Tag all executables downloaded from the internet and require authorization before running.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Mar 2001
Location: Salamanca, España
Status:
Offline
|
|
This is very similar to what is in Tiger. When one downloads an app Safari complains and when one runs it from the first time in the Finder the Finder complains.
Allow or cancel. So what else is new?
V
|
I could take Sean Connery in a fight... I could definitely take him.
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2005
Location: Vancouver, BC
Status:
Offline
|
|
Originally Posted by OliverTwist
I for one am excited about this feature. Coupled with the firewall, this provides a rock-solid defense against malware, both more thorough and less annoying than signature-based anti-virus programs. I made a thread a while ago about the concept of whitelisting all good executables and blocking everything else, but this system is potentially even better: Tag all executables downloaded from the internet and require authorization before running.
It seems to only apply to downloads from Safari, though. For kicks I downloaded an app using Transmission and it let me run it without any warning at all.
|
|
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Sep 2001
Status:
Offline
|
|
And it's just common sense with malware running rampant, and the Mac gaining popularity. gradient, keep in mind that you might just download a file and not know there's an app imbedded. I don't have a problem with the warning at all, and in fact, I appreciate it.
And if I remember properly, people were complaining when Safari would download apps without any sort of warning.
Sorry you don't dig it, gradient.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Apr 2005
Status:
Offline
|
|
I'm not even understanding...how is this any different than Tiger?
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Mar 2001
Location: Salamanca, España
Status:
Offline
|
|
Originally Posted by Helmling
I'm not even understanding...how is this any different than Tiger?
The spelling?
V
|
I could take Sean Connery in a fight... I could definitely take him.
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2005
Location: Vancouver, BC
Status:
Offline
|
|
Originally Posted by Helmling
I'm not even understanding...how is this any different than Tiger?
If you can tell me how it is at all the same as Tiger, I'm all ears. My memory could be failing me more then I realize, but I don't remember getting a pop up regarding running any app that I've downloaded in 10.4. Just to double check my level of sanity, I went back and downloaded an app on my other machine that hasn't been upgraded yet and got no message at all after running it.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
You can thank me for it, as the warnings are pretty much the result of a security bug which I discovered by accident while arguing with an obnoxious person in a long thread. This post is where the light bulb first went on - on the next page, things really start to develop.
If you read the whole thread, you can see what sorts of things are possible if you do not have warnings like this.
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Feb 2007
Status:
Offline
|
|
Kind of makes those allow or deny PC v. Mac commercials a bit more ironic.
I find it supremely annoying, since I take my security seriously enough to only download apps from trusted vendors. Never had a problem on Windows or Mac, ever. I just don't understand what people are downloading and doing with their computers.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Aug 2005
Location: Vancouver, BC
Status:
Offline
|
|
Originally Posted by CharlesS
You can thank me for it, as the warnings are pretty much the result of a security bug which I discovered by accident while arguing with an obnoxious person in a long thread. This post is where the light bulb first went on - on the next page, things really start to develop.
If you read the whole thread, you can see what sorts of things are possible if you do not have warnings like this.
Point taken!
(
Last edited by gradient; Oct 27, 2007 at 03:10 AM.
)
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Originally Posted by ~bash $
Kind of makes those allow or deny PC v. Mac commercials a bit more ironic.
I find it supremely annoying, since I take my security seriously enough to only download apps from trusted vendors. Never had a problem on Windows or Mac, ever. I just don't understand what people are downloading and doing with their computers.
Read the thread to which I linked to find out.
Apps can register for protocols. Web pages can have stuff automatically download in the background. So consider the following scenario.
1. You browse to a page.
2. The page runs a JavaScript which causes a .zip file of an app to automatically download.
3. Safari automatically expands the .zip, thinking it's a "safe" file.
4. The JavaScript waits a few seconds and then redirects to an "evil:" URL.
5. The app that downloaded has registered for the "evil:" URL, and now auto-launches.
Or even the simple social engineering scenario, where you can replace steps 4 and 5 with:
4. The app that the script downloaded has the icon of a PNG file, and is named "Picture 1".
5. The user looks at what he/she thinks is a picture, thinks "Hmm, what's this", and double-clicks the app.
You need to have warning systems to prevent against things like this.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2005
Location: Los Angeles, California
Status:
Offline
|
|
Originally Posted by gradient
True, I was exaggerating by saying they are exactly the same, but flinging stones isn't exactly called for. One person's prudent security is another's pain in the neck.
You're correct. I apologize for flinging stones.
|
Linkinus is king.
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Oct 1999
Location: :ИOITAↃO⅃
Status:
Offline
|
|
Yes, and you did nice sleuthing there; though they did address that in Tiger with the "you haven't handled this url protocol before" warning. The "you haven't opened this app before" warning is a bit much, but I respect the reasoning behind it.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Originally Posted by Mithras
Yes, and you did nice sleuthing there; though they did address that in Tiger with the "you haven't handled this url protocol before" warning. The "you haven't opened this app before" warning is a bit much, but I respect the reasoning behind it.
Not completely. The "You haven't handled this URL protocol before" message doesn't address my second scenario: the application has disguised itself to look like a PNG image and tricked the user into double-clicking it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|