By John Gruber
Kolide — User focused security for teams that Slack.
My friend and co-conspirator Dan Benjamin has launched Automatic Labs:
Automatic Labs is a web agency specializing in custom web application development, content management systems, database-driven websites, and web design with a focus on usability and standards.
… in certain cases Safari will miscalculate the width of a PRE element. I think I’ve found the trigger. If a nested container element is preceded by uncontained text and a blank line, and there are “too many” characters contained in the nested element, the PRE width will be too wide.
Aladdin’s new StuffIt Deluxe 8 uses a kernel extension to patch the Finder, so that you can create and expand .zip and .sit archives simply by renaming items in the Finder. (This feature — which was available in older versions of StuffIt for the original Mac OS, but which until now was not available for Mac OS X — has always struck me as weird and unintuitive, regardless of how it’s implemented.) Says Unsanity’s Slava Karpenko:
In [the] real world, there are half a dozen solutions that do not involve making a Kernel Extension: above-mentioned APE, a QuickTime component, a Contextual Menu Module. Aladdin just picked the most outrageous out there — the approach can very well be compared to killing a mosquito with a nuke blast. Sure it works, but the impact is just slightly bigger than needed.
Josh Stender, from Aladdin Systems tech support, retorts:
- Most of the AVR kext was written by a former file system engineer for Apple who has extensive experience writing file system code and extensions.
- The kext itself is very light-weight. It only overrides a single function (rename), and only when the file extensions are supported by AVR. And when we do override rename, the actual work is done by StuffItAVRDaemon which is a separate running application. If something goes wrong, it will go wrong in the application causing no harm to the kernel.
Update: “Light-weight” or not, according to this report, StuffIt 8’s AVR kernel extension caused kernel panics under both 10.2.6 and 10.2.8. The report is in French; if your French is as bad as mine, Sherlock’s translation tool does a decent job getting the basic gist across in Engish. (Thanks to Satellio Box for the link.)
A computer security expert who contributed to a paper deeply critical of Microsoft has been dismissed by his employer, a consulting company that works closely with the software giant.
Ah, yes — security through shooting the messenger.