Re: AppleScript & HTML Again...
Re: AppleScript & HTML Again...
- Subject: Re: AppleScript & HTML Again...
- From: Michael Terry <email@hidden>
- Date: Fri, 26 Mar 2004 14:28:02 -0800
On Mar 26, 2004, at 9:24 AM, John C. Welch wrote:
Even a simple dialog from missing link requiring some sort of password
that
could be checked against a keychain entry would have worked as a way
to make
sure that the human at the computer was the initiator of this action,
and
not a javascript, or some other remote mechanism telling the browser
to send
the open event. That's all. That would have worked. It might have been
inconvenient, but when you talk about setting up a web site that can
run
applications on a machine that is in a remote location and outside of
the
scope of the web browser, then you have to think about these things.
Having someone use Missing Link as a trojan engine, which it is
EMINENTLY
suited for, would be far more inconvenient.
Again its clear you either haven't read or haven't understood anything
I've said. Again the scary-sounding generalities. Be specific, big guy:
How exactly would a remote host click links in my web browser without
my initiating it? Even if it could, what exactly do you imagine the
link clicking could do to the target's machine? Missing Link doesn't
execute any sort of random code, JavaScript or AppleScript. All it does
is launch stuff that's already on your computer.
Having Missing Link put up password dialogs, aside from being worthless
from a security standpoint, would also render MAGS ng Link worthless as
a tool of convenience.
Mike
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.