Slashdot Mirror


User: sqlrob

sqlrob's activity in the archive.

Stories: 0
Comments: 2,406

Comments · 2,406

  1. Re:And that matters because...? on First Scareware For the Mac · · Score: 1

    It does, as do other comments I've made in these threads. It makes it easy to get a user to run something unknowingly. Especially if they modify Applications in the sidebar to point to ~/Applications and symlink across the apps that are normally there. *poof* Something that looks legitimate in "/Applications", but really isn't.

  2. Re:And that matters because...? on First Scareware For the Mac · · Score: 1

    How many times does this need to be repeated?

    Effective malware does not need special permissions

    Granted, higher permissions make it harder to remove and/or detect. But given the average user, that doesn't mean squat, they wouldn't notice it unless it was in their face, and even then it's a crapshoot. Until there's effective MAC that an average user can use (Leopard isn't it, SELinux doesn't cut it for the average user), malware will continue to be a problem. Even then, social engineering will work wonders, it's just more dialogs to make them click through.

  3. Re:the shit hits the fan! on First Scareware For the Mac · · Score: 1

    Or a buffer overflow in Java that Apple had for more than a year after Sun fixed it.

  4. Re:the shit hits the fan! on First Scareware For the Mac · · Score: 1

    This is how I normally run. Unfortunately, it is buggy and still not completely effective. There are those user based locations I mentioned in other comments. Even worse, when you drag into /Applications, even after authenticating as the admin user, the permissions are for the current user with full access. So once it's installed, anything else running with your credentials can edit it.

  5. Re:the shit hits the fan! on First Scareware For the Mac · · Score: 2, Informative

    Depends on what version of OS X you're talking about. Drop something in ~/Library/Input Managers in Tiger and below, and every Cocoa app is infected when you run it. Or put something in ~/Library/LaunchAgents and watch for Safari and inject code (non-root for PPC only, special group or root for Intel). Or rewrite plugins residing in ~/Library/Internet Plugins...

    With some more thought I can probably come up with a pile more.

  6. Re:the shit hits the fan! on First Scareware For the Mac · · Score: 1

    Did you read my comment? I did not say /Applications. I said ~/Applications

  7. Re:the shit hits the fan! on First Scareware For the Mac · · Score: 0

    But still damaging. A lot of what MyDoom did can be reproduced in a non-admin level account very easily.

    It's trivial to reinstall an OS to clean something. Recovering the data is the issue.

  8. Re:the shit hits the fan! on First Scareware For the Mac · · Score: 4, Informative

    It doesn't take special permissions to put stuff in ~/Applications. It's not done by default, but some users do do it, and Finder supports it.

    Or heck, just put it on the desktop where the user can click it. No special permissions needed. Most .Apps don't need an installer, nor need to be in /Applications.

  9. Re:Well if the blogger's aren't willing to act... on Long Term Effects of Gizmodo CES Prank · · Score: 2, Informative

  10. Re:Like it matters on Boot Record Rootkit Threatens Vista, XP, NT · · Score: 1

    There are more good guys, but are there more *qualified* good guys?

    How long was the zlib double free present? How long was the hardcoded password in Firebird?

  11. Re:Reminds me of Radio Shack on Sears Installs Spyware · · Score: 1

    They never required it. A simple "no" always worked for me.

  12. Re:In the USA medium ratings are NOT laws on Clinton Would Crack Down On Game Content · · Score: 1

    Incorrect. The rating enforcement for games is about the same as that for movies in theaters. Both are about twice as effective as rating enforcement for movies bought in stores.

    Given the enforcement rates, why aren't movies in stores being targeted?

  13. Re:Title is incorrect... on Clinton Would Crack Down On Game Content · · Score: 1

    OK, so the movie system (stores) has a higher failure rate than video games.

    Therefore, the movie system does its job and game ratings are ignored. Care to explain that logic?

  14. Re:Hrm! on Clinton Would Crack Down On Game Content · · Score: 1

    Kindly point to the peer-reviewed study that has withstood examination that shows video games to be a problem worth regulating.

    Not liking kids having them != kids being harmed by them.

    All the modern consoles have parental controls, and *gasp* parents can veto what their kids buy. Where does the 12 year old you're trying to protect get the money for a game, console, and TV as well as transportation to the store? If all that's done without parental involvement, there's bigger issues with the child than the game, and if it's with parental involvement, why is the law needed?

  15. Re:Hrm! on Clinton Would Crack Down On Game Content · · Score: 2, Interesting

    Sounds perfectly reasonable to me. A store selling 18+ games to twelve-year-olds should be punished.

    What about a store that sells unrated or R movies to children? All media or none, otherwise the constitutional bar isn't met.

    After all, this legislation is going to affect underage people, unlike Jack Thompson's ideas of banning such games for everyone.

    Chilling Effect. So yes, it does affect adults.

  16. Re:They got lucky on SquirrelMail Repository Poisoned · · Score: 1

    Or even better, the key is never on a networked computer, ever. That is a lot harder to breach, since it would require a physical compromise as well as a network. Things need to be layered as much as possible.

  17. They got lucky on SquirrelMail Repository Poisoned · · Score: 3, Insightful

    MD5 was on the same server. What prevented the attacker from changing that as well?

  18. Re:is this on Can Blockbuster be Sued Over Facebook/Beacon? · · Score: 1

    Hollywood Video has been dropping like flies here, so it's possible. They were founded the same year.

  19. Re:Don't Use GPL Licensed Software on Verizon Being Sued for GPL Infringement · · Score: 1

    Like when TimeLine threatened SQL Server users? Sounds real safe.

  20. Re:A workaround? on MD5 Proven Ineffective for App Signatures · · Score: 1

    Here's an example with 12. Linked to from TFA even.

  21. Re:Crysis, Bioshock, Unreal Tournament III on Game Journalist May Have Been Fired Over Negative Review · · Score: 1

    Considering the DRM on Bioshock destroyed a friend's install of Battlefield 1942, yes, the DRM needs to be mentioned.

  22. Re:Sony won't have to release source code to game. on PlayStation 2 Game ICO Violates the GPL · · Score: 2, Informative

    The company I work for has *ALL* licenses checked by lawyers. Open, closed, it doesn't matter. That cost is amortized across all purchased/obtained libraries.

  23. Re:What is it? on PlayStation 2 Game ICO Violates the GPL · · Score: 1

    At least a sack of flour doesn't $*@)$*( wander away

  24. Re:Pornographic games? on Study Finds Games Stores Still Selling to Minors · · Score: 1

    That would fall under the obscenity statutes. The type of media is irrelevant.

    And that's also one of the reasons why these game laws are unconstitutional. They must apply to all media or none.

  25. Re:Why do games have levels? on Why Do Games Still Have Levels? · · Score: 1

    Missions are not the same as levels.

    Jak and Daxter is completely seamless, no loading screens. Finishing missions will open new areas, but the entire old area is open at most points.