Increasing integration between Webcore and the OS is not necessarily going to lead to what MS did with IE and Windows. Webcore allows other apps to render HTML using Safari's engine. That is a good thing in many implementations, anyone gone to the iTunes Music Store lately? It uses both QuickTime and Safari's resources to do well ... everything. Wouldn't it be nice if I could render a web page from within Keynote rather than clicking on a link and being dumped out to a web browser like PowerPoint does? It would be great, it would look seamless from a presentation standpoint.
Now, there are a lot of caveats, it could be done in the fashion that MS has, sharing resources and sharing holes. All depends on the foundation you build the linkage on.
I also hope they don't just patch in an AppleScript to check files, however there is a problem with changing the current default. The purpose of the current default is a user interface issue, Apple is trying to help the very uninformed user [read average guy] by hiding the compression of the file and just opening it up so that people can see the thing they were really meaning to download. The average user is trying to download whatever file not whateverfile.sit. Many people are actually confused by the .sit. Now is this good? No, but it is an attempt to help average users through the interface, that is why StuffIt and Safari open things by default. Now is it secure ... no.
So what do we do? Well, I download a .sit file and then I open it and its essentially the same as if StuffIt had done it automatically. It is still a problem, but when turning off automatic options we are not fixing the vulnerability, its still there, its just not quite as automated, the real issue is the OS being able to tell the difference between a file and an application. An AppleScript is a hacky way to deal with that, but something akin to it used correctly would be better than just turning off things in the long run. We are moving towards more metadata, not less.
David
That is the silliest thing I have heard, when has what MS did ever been
good enough for Apple? Apple is sorta the antithesis of that.
Fast User Switching instead of virtual consoles? The increasing integration
of Safari into the OS with Webkit? Adding an extra check in the installer
instead of not calling the installer from the browser?
As far as your thoughts on what Apple will do, they don't control StuffIt,
They define the trend. If they asked Aladdin to change Stuffit's begaviour
they would.
StuffIt at all since its not theirs. They may change FTP in the Finder
but considering that its pretty benign as far as being useful right now
they have several areas to improve this included.
The problem is it's not benign. It's a deep integration between trusted and
untrusted resources. It's exactly the kind of design decision that lead to
the current problem in the Microsoft world.
I have a feeling Apple will change the defaults for Safari and move on with life,
I hope you're right and I'm wrong.
or they will build in something akin to the AppleScript that was available the day after the announcement to check to see if a file is really an application.
The latter is exactly the kind of patch that is attacking the symptom rather
than attacking the problem.
-- Unsupported OS X is sponsored by <http://lowendmac.com/>
Support Low End Mac <http://lowendmac.com/lists/support.html>
Unsupported OS X list info <http://lowendmac.com/lists/unsupported.html> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive <http://www.mail-archive.com/unsupportedosx%40mail.maclaunch.com/>
Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
