←back to thread

How Dropbox Hacks Your Mac

(applehelpwriter.com)
1037 points 8bitben | 2 comments | 09 Sep 16 15:52 UTC | HN request time: 0.419s | source
Show context
gruez ◴[09 Sep 16 16:41 UTC] No.12463849[source]
The fact that any application can spoof the os password prompt makes me wonder why they don't have a prominent feature to show the prompt is from the OS. On windows there is the secure desktop with the dimming effect.
replies(6): >>12463913 #>>12463935 #>>12463946 #>>12464205 #>>12464261 #>>12465995 #
pritambaral ◴[09 Sep 16 16:50 UTC] No.12463935[source]
Is the "secure desktop with dimming effect" not spoofable?
replies(3): >>12464096 #>>12464194 #>>12464260 #
BinaryIdiot ◴[09 Sep 16 17:16 UTC] No.12464194[source]
Not really. Sure you can make a replica of it but it won't behave the same because you'll be able to minimize or close it but the secure desktop you can't do jack to until you either accept to decline whatever it's asking.
replies(2): >>12464410 #>>12464524 #
fredsted ◴[09 Sep 16 17:52 UTC] No.12464524[source]
Disable the minimize button? Hook into alt tab? There's endless opportunities!
replies(1): >>12466482 #
1. BinaryIdiot ◴[09 Sep 16 22:25 UTC] No.12466482[source]
I mean sure and that may confuse the normal users. But if I remember correctly you can't override / replicate everything without administrative access. If I remember correctly ctrl + alt + del can't be overridden on the security screen. I thought there were other things as well.
replies(1): >>12467330 #
2. pritambaral ◴[10 Sep 16 02:17 UTC] No.12467330[source]
ctrl+alt+del isn't overriden on the legit 'Grant Administrative Access' screen either.