Tiger == BIGGEST SECURITY HOLE EVAR!!!11!!1!evelen
I’m kinda glad I haven’t bought Tiger yet. It turns out that the new Safari + Dashboad team up to allow an unremovable (!) executable to be installed and run just by visiting a web site, like this one, which has a demo and a full explanatation. Sure, dashboard widgets run in a sandbox. How easy are sandboxes to break out of? Maybe I’ll wait for 10.4.1.
UPDATE: According to an update to the linked article, people who have already installed Tiger can protect themselves by unchecking “Automatically open safe files” in Safari preferences. It’s apparently checked by default, and Dashboard widgets are considered “safe”.
REPLY))
All fixed in 10.4.1, now upgrade already, spotlight is cool. Who needs directories and meaningful filenames any more, just throw everything in a big pile and let spotlight sort it out. Really.
REPLY))
Really? I looked through the release notes for 10.4.1, but couldn’t see any evidence that they fixed this. I actually upgraded to 10.4 over the weekend, I couldn’t wait any longer! I just shut off the “auto open safe files” pref.
Yes, Spotlight is great. At work on my PC I use Google Desktop Search, so I’m starting to get used to the ability to be able to find anything anywhere instantly.
One “problem” with Spotlight: once I opened Mail, and it got a chance to index all my old mail, my search results became clogged with SPAM! It’s like Altavista all over again! I have been just letting spam mail pile up in a folder there, figuring that one day I’d go through them and make sure there is nothing I want before trashing them for good. Now I really need to clean house.