A Look Inside Address Book
Subject:   Address Book and Security
Date:   2002-08-29 10:05:31
From:   jonblock
Response to: Address Book and Security

I agree that such a malicious program could not become a worm through, but Mac users will not necessarily restrict themselves to Apple mail clients. Entourage, Eudora, and others may be a different story. Either way, that only addresses the hostile code's worm potential.

It could still be harmful without being a self-replicating worm. Since (theoretically) all communications-related programs would use this common address book database, an attacker would have a defined target for virtually all possible software combinations on Jaguar machines.

The wetware factor (getting a person to run malicious code) is not as difficult as you might imagine. People launch attachments all the time, without paying attention to whether they're static images, videos, sound files, or actual programs.

In case I wasn't making myself clear about this, I'm not bashing Apple here at all. This has the potential to be a great feature. I'm just advocating that the database be treated like a secure information repository, with at least the ability to require programs to be individually authorized before being given access to it.

1 to 1 of 1
  1. Address Book and Security
    2002-09-03 11:27:48  agave [View]

1 to 1 of 1