Firewall Wizards mailing list archives
Speaking of the non-technical and security
From: Gwendolynn ferch Elydyr <gwen () reptiles org>
Date: Tue, 18 May 2004 22:34:10 -0400 (EDT)
In the context of the earlier discussion about how average users are unaware of security issues in general. Making Light is the blog of a fiction editor at a large publishing house - certainly not the sort of person that we'd regularly think of as being a part of the security "in crowd". It's nice to see that folks outside of infosec understand and communicate security issues too ;> cheers! ---- http://nielsenhayden.com/makinglight/archives/005217.html Bleeping huge security hole If you have a Macintosh running OSX, you have a problem. Deal with it right now. Tonight. Seriously. . . . Here's how Patrick explained it to me: It is possible to write a URL that, when invoked from one's default browser, invokes Apple's Help program, which is itself a mini-browser which uses a subset of HTML. The trouble is that unlike a well-written, full-fledged, OSX browser, the Help program is (a.) fully scriptable; and (b.) fully capable of running any application or command for which the user has privileges. ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Speaking of the non-technical and security Gwendolynn ferch Elydyr (May 19)