All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com

Thank you for buying via links and ads on this site,
which earn me advertising fees or commissions.
As an Amazon Associate I earn from qualifying purchases.

Other World Computing...
B&H Photo...
Amazon
As an Amazon Associate I earn from qualifying purchases.
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$348 $298
SAVE $50

$170 $120
SAVE $50

$300 $175
SAVE $125

$989 $869
SAVE $120

$400 $310
SAVE $90

$1470 $1299
SAVE $171

$322 $242
SAVE $80

$1470 $1299
SAVE $171

$180 $140
SAVE $40

$500 $275
SAVE $225

$180 $156
SAVE $24

$130 $100
SAVE $30

$3498 $2998
SAVE $500

$1699 $1149
SAVE $550

$280 $230
SAVE $50

$1899 $1499
SAVE $400

$4499 $3499
SAVE $1000

$2198 $1998
SAVE $200

$3998 $3498
SAVE $500

$1799 $1699
SAVE $100

$18599 $16599
SAVE $2000

$1149 $849
SAVE $300

$650 $450
SAVE $200

$199 $119
SAVE $80

$280 $200
SAVE $80

$1399 $1049
SAVE $350

$1199 $779
SAVE $420

$250 $220
SAVE $30

$1699 $1149
SAVE $550

$195 $125
SAVE $70

$79 $49
SAVE $30

$120 $30
SAVE $90

$198 $148
SAVE $50

$3899 $1499
SAVE $2400

$2999 $1999
SAVE $1000

$1699 $849
SAVE $850

$1698 $1198
SAVE $500

$1149 $849
SAVE $300

$1399 $1049
SAVE $350

$1498 $998
SAVE $500

$2797 $2497
SAVE $300

$280 $230
SAVE $50

$799 $449
SAVE $350

$899 $549
SAVE $350

$420 $170
SAVE $250

$1699 $1149
SAVE $550

Upgrade the memory of your 2018 Mac mini up to 64GB
OWC Envoy Pro EX SSD
Blazingly fast Thunderbolt 3 SSD!

Up to 4TB capacity, USB-C compatible.

USB-C model also available


Great for travel or for desktop!

The Crash from 'File:///' — More Broadly What Are These Keyboard Sniffer Hooks Doing in a System-wide OS X API?

Update March 14, 2013: this bug is apparently fixed in OS X 10.8.3.

See Apple Core Rot coverage.

This site is not the first to document the “File:///” bug in Apple OS X, but I have some different thoughts about it than might have been covered elsewhere.

The bug

Typing File:/// will crash many programs on OS X 10.8 (those that use the OS X NSText API).

Actually, simply pasting File:/// will crash (I just tried pasting the first few words of the above into TextEdit). Try it in Apple’s TextEdit and see for yourself.

On my system, when typing File:///

Crash / hang: Mail, Notes, TextEdit
Works OK: Pages , Keynote, Numbers

Typing File:/// will crash many OS X 10.8 programs

Matthew H writes:

I was messing around testing this File url bug you commented on, and was surprised to learn that just *viewing* a file with that url would cause a crash. After first crashing TextEdit following your blog post, I opened the Console log viewer, which then crashed when I clicked the TextEdit crash report.

Using the good old fashioned command line in Terminal, I confirmed the crash report also contained the file url string, making the Console app crash. In addition, the Problem Reporter.app, which is the process that sends crash reports to Apple if you so instruct after a crash, *also* crashed if I clicked for it to show the details of the crash report. Maybe Apple can't fix the bug because their computers crash whenever they open the crash report! Crazy! Thanks for reporting on it.

MPG: I wrote what follows nearly a week before this reader email. It seems particularly a propos to my “When the impact is potentially widespread...” assertion below. And it’s not just about stability— ill-considered global hooks into system code present potential global security breaches too; it’s poor engineering judgment, and this is a serious part what I call Apple Core Rot. And ironic in the context to all the Apple emphasis on sandboxing and similar “lockdown” features.

Security implications

A system-wide API doing unnecessary and unwanted “sniffing” on the things I type makes me nervous, being inherently inappropriate (that NSTextView also happens to have a severe performance hang with large blocks of text is another indictment, but an unrelated issue per se).

Code which doesn’t just process text as raw data, but that actively looks for certain patterns is by definition a keyboard sniffer, regardless of what its purposes or intent is. That is troubling in its own right for a system-wide API.

More important, code this sloppy does not give me confidence that handling of passwords and passphrases and other sensitive data is done in a way that avoids scattering copies of them around in memory (which also means to disk potentially, e.g., VM paging).

This File:/// thing is only one little crash bug (affecting dozens if not hundreds or thousands of programs using the NS* API). When the impact is potentially widespread, the expectations for quality necessarily rise commensurately in all respects and especially in the areas of stability, performance and security. This isn’t one bug in one program. Severe criticism is warranted in such cases, criticism along the lines of questioning competence of testing and quality control. Because the idea that this is the last and only bug is ludicrous.

Security is hard, very hard to do right. What security problems might lurk within the NSText APIs with regards to passwords and/or other sensitive data? When a programmer can’t get basic things right (and a huge world-class organization can’t test code properly), it does not breed confidence. Furthermore complexity breeds bugs of all kinds.

Whatever extra stuff this Apple keyboard sniffer code is doing ought to be deracinated and extirpated from the API. Heck, perhaps the sniffer code is even responsible for the multi-minute hangs when pasting large text blocks.

OWC Thunderblade Thunderbolt 3 SSD

Blazing fast, up to 16TB.

YEE HAH!



√ No more slow and noisy hard drives!
OWC Accelsior 4M2 PCIe SSD
6000 MB/sec!
Mac or PC.


Ideal for Lightroom, Photoshop, video.
Capacity up to 16TB!
OWC Envoy Express

World’s first Thunderbolt 3 M.2 NVME SSD enclosure.

Super fast, bus-powered, 3.3 oz, DIY easy, rugged and compact!


See also OWC Express 4M2
√ No more slow and noisy hard drives!

MacPerformanceGuide.com
View all handpicked deals...

Lexar 128GB Professional 2000x UHS-II SDXC Memory Card
$170 $120
SAVE $50

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__