Thursday, January 13, 2005
Everything has security holes--Mac iTunes bug
If you have a Mac, run the iTunes music software, and share playlists with others, you need to run Software Update and get the latest patch. It turns out that a malicious person could booby-trap an iTunes playlist file to do bad things to your computer.
I don't have any word about whether this was happening in the field already or whether someone caught the problem first.
Are you wondering why things like this keep happening? One reason is that the most popular computer language makes it very easy to make mistakes like this. Another reason is that security bugs like this are hard to catch in testing. But the big reason is that personal computers assume they can trust the software they're running. Two decades ago the military was developing systems that could maintain security even with untrusted software. They wanted to make sure that even if your word processor was sabotaged, you wouldn't be able to save a Top Secret document into a Secret file. Nobody ever figured out how to make those systems usable. Maybe it's time for the industry to try again.
|
I don't have any word about whether this was happening in the field already or whether someone caught the problem first.
Are you wondering why things like this keep happening? One reason is that the most popular computer language makes it very easy to make mistakes like this. Another reason is that security bugs like this are hard to catch in testing. But the big reason is that personal computers assume they can trust the software they're running. Two decades ago the military was developing systems that could maintain security even with untrusted software. They wanted to make sure that even if your word processor was sabotaged, you wouldn't be able to save a Top Secret document into a Secret file. Nobody ever figured out how to make those systems usable. Maybe it's time for the industry to try again.
# posted by Frederick @ 3:37 PM Email to a friend:
Haloscan: they provide trackback