nmgycombinator's comments

Thank you very much! Although I'm not a guy, just fyi! I'm just a person :)

> which was patched in today's releases of macOS Sequoia 15.5 et al.

Correct.


Correction (longer explanation elsewhere): only 15.5. Apple didn't patch it in the other two releases.

Damn. As someone who has dabbled in OS history research, Usenix's archives were a godsend. I hope they continue to maintain them, and that other groups can take up the mantle of hosting cutting-edge computer science research (at least to the extent it's still happening).

A software updater was going to be my best guess at what this was. I guess I understand the flexibility it brings, but it definitely does have some security trade-offs.

I'm not aware of the "helper tool" popup, but I would definitely be skeptical of it. Even if it is Slack, Slack is just a messaging application. I don't know what legitimate need it would have for a helper tool. I would ask Slack support, though (and hopefully you can get a real answer and explanation).

> Slack is just a messaging application.

I kinda like this angle. While Slack makes an effort to work basically everywhere with low effort, I wonder what would follow if it wasn't the case.

For instance, if for some stupid legal reason Slack was banned from macOS, how many people would just switch to another OS? I'd bet it would be a non-trivial amount of users at this point.


> I kinda like this angle. While Slack makes an effort to work basically everywhere with low effort, I wonder what would follow if it wasn't the case.

This idea of respecting user preference is not the way, though. For example, back when Skype existed, you couldn't remove its icon from the macOS menu bar, because (1) Microsoft didn't believe you had the right to choose to remove that item, and (2) macOS believes an app developer should have more control over what goes in my menu bar than I do.


or you know, just use the web app

If it was a legal ban I'd assume Apple would go pretty far to make it happen, app or not.

> Slack is just a messaging application

it's sold more as a way to store and all conversations than the ability to be a messaging application.

the original pitch was to make all information, even private conversation of previous employees, searchable.


It doesn't need special permissions on your Mac to do that.

Damn. That sounds pretty dystopian. But typical for American corporate life.

I don't really expect my 1:1 conversations on the company chat to be invisible to the company.

In environments like this, my trusted colleagues and I communicated using Signal (and before that, WhatsApp).

One somewhat paranoid department that was convinced they were being spied on (they weren’t; I saw the Slack admin dashboard and management was too cheap to pay for the retention and spying features) maintained the use of an ancient Jabber-based group chat for their own internal communications.


if signal is on company hardware, they have crowdstrike for that.

This was around 8 years ago, but there was no MDM installed on our cell phones, regardless of if BYOB or company paid for device.

The only restriction was if you went to China, you took a burner phone (one of the old company phones, usually) and weren’t supposed to ever use it again once you left. I think they just sold them to a liquidator.


I don't either. But it's still a bit creepy regardless.

Why? Companies already have to retain the data (in case of lawsuits, etc.).

Slack is also used because it allows creating persistent channels that are searchable. So they often end up being a knowledge base for the company.


I guess that's a fair point. It cuts both ways, but given that so many people use Slack as opposed to talking, the exact words people used and when could be open to view. Whereas, before all of this, you may only just have the minutes of any official meetings. Any side chatter not in the meeting room and/or exact phrasings would be lost to time.

Fascinating perspective. I understand your point, and agree with it generally. I will point out though that this doesn't really have anything to do with Continuity or any "feature" per se. It doesn't really have anything to do with "parental controls"; that was just the daemon that was exploited. You don't have to have a "child" user account to be vulnerable to this. Every user account is vulnerable to it.


I've seen Apple do this with Chrome tabs for some reason. It's weird.


Thanks for the feedback! I was burying the lede a bit on purpose to entice the reader to read more, but I also completely understand your perspective as well.


> A capability-based design should be able to systematically prevent this kind of problems.

I think Entitlements could be considered a type of capability? And if so, then you're right on this point, as the solution was to require an entitlement to talk to the daemon itself.


Well, it took 8 hours, but this post is now no longer top 5 on the front page (it's #27 now for me, so still front page, just the bottom). Thank you everyone for your comments!

