Comments on: Detecting and Disabling Smart Crash Reporter

By: Us vs Them

Us vs Them — Wed, 26 Sep 2007 18:00:26 +0000

[...] (bbum) blog primarily in the “Sandvox Hidden Features” entry but also in the “Detecting and Disabling Smart Crash Reports” and “SCR: Response from Sandvox” [...]

By: Xune

Xune — Sun, 14 Jan 2007 16:43:52 +0000

b.bum’s recipe for guarding InputManagers won’t work. The Opener hackers demonstrated that, as did the changes in Tiger. If the parent Library is modifiable you can always delete the InputManagers that’s being difficult and create a new one. You need a STICKY BIT on the parent instead. Thank you.

By: ACAMUG » Fake Mac OS X 10.5 Screenshots is a Trojan Horse?

ACAMUG » Fake Mac OS X 10.5 Screenshots is a Trojan Horse? — Thu, 16 Feb 2006 17:17:51 +0000

[...] UPDATE: Its more sophisticated than I’d thought. According to Andrew Welch’s analysis it attempts to install a plug-in called an “input manager” which had it been successful would have allowed it to remain on the machine and attempt to spread via iChat whenever an application was launched (it fails due to a coding error.) Input Managers are intended to be used to provide alternative keyboard entry methods for non-roman languages but at the moment can be exploited for other means. This page documents a method to disable this feature, in this case to circumvent its unauthorized though helpful use for reporting application crashes, but it may help prevent future attacks of this type. I fully expect Apple will modify this mechanism to make it more secure as they did with Widgets when they were first available. [...]

By: links for 2006-02-09 at The International House of Nathos

links for 2006-02-09 at The International House of Nathos — Thu, 09 Feb 2006 04:26:41 +0000

[...] bbum’s weblog-o-mat » Blog Archive » Detecting and Disabling Smart Crash Reporter A handful of Mac OS X apps install SCR without your permission. Here’s how to find it and remove it (and prevent it from coming back) (tags: ***** macosx) [...]

By: allgood2

allgood2 — Tue, 31 Jan 2006 14:54:52 +0000

I think this series of post hits on what I call the “slippery slope” issues. While I agree with Rosyna that

I’m not sure if comparing Windows malware to a useful developer tool on OS X that discloses what it is doing to the user is a proper comparison at all.

It’s true, they aren’t but road to hell is paved with good intentions. I love Unsanity, but the one thing that has stood out for me during this series of postings and rapid flash comments, is that I’d rather have Unsanity argue for what’s right (which they did mention, briefly), which is that developers using their product always explicitly gain consent; then for them to argue who’s wrong in their statement against Unsanity. I feel that the issue is about consent; and again Rosyna makes good points that their are a number of large developers that violate user consent, Adobe being just one of them.

Obviously, Unsanity, feels defensive, maybe I’m out of the loop, but I just don’t feel like acting defensively does much good in this situation. Correct misconceptions sure. But Unsanity has some brilliant products, including haxies. I also think Unsanity stands the test as a “trusted” developer for most. I know they make my short list of developers I trust.

But reading these posts have made me depressed that there obviously exists the need for them to feel so defensive. I went back through the original post by bbum, as well as Daring Fireball, and it seems that they both went out of the way NOT to implicate Unsanity of any wrong doing (because there was none); but that the constant arguments and nitpiking by Rosyna seem to imply more and more that the issue was Unsanity; and then comments started becoming more about Unsanity and the SCR rather than, the very legitimate concern of “what care should developers take to keep their users aware and informed.” “Explicit consent” is key. Without it, every developer, would be developer, hacker, cracker, or stalker can argue that they were doing something of benefit, regardless if you agree or not.

Apple and the Mac OS has built a great community of developers. Most go out of their way to stay on the good side of their users; and I think Macintosh users trust and rely on that. So even if one “trusted” developer does something wrong, accidentally or without forethought, and hopefully without malice; it still effects the entire community. I think Karelia’s response was thoughtful, and a good step—we were wrong, we will change it, wouldn’t it be nice if…

I wish that people would read carefully, and not get up and arms and adamant and force developers in defensive stands. But I’d also wish for a 100 million dollars, better coding skills, a longer attention span, and a kick-a** vocabulary. I’d rather not hear people trashing developers and running for the hills, but I do want to hear about mistakes, errors in judgement, debates of right and wrong. Why? Because for me, it’s how you handle your mistakes that defines your trustworthiness. But also, life is full of slippery slope issues; and its easy to let things slide.

Without Gruber’s reminder, I would have never paid much attention to the issue—probably because I had already decided that Smart Crash Reporter had merit and had installed it independently. I may have thought, its a good app with a good purpose, what’s the problem. Sometimes vision becomes too focused. It’s never alright to install something “silently”. NEVER. And that is important, and its worth users standing up for, and even more so, its worth good and great developers to stand up for as well.

By: Mat

Mat — Tue, 31 Jan 2006 11:51:39 +0000

I just discovered that SCR was installed on my system without my permissionb ut by an unknown application. Is there any way of checking so see what installed that file? Does the file system keep a record of things like that? My dev machines will never have an unsanity “haxie” or anything made by them installed for similar reasons to your own, so thanks for giving us these tips.

By: neoguri

neoguri — Tue, 31 Jan 2006 09:01:46 +0000

I got here thanks to an enlightening article on John Gruber’sDaring Fireball. I totally agree with you and John that this is unacceptable behaviour for Mac software. I goes against both “good computer-house-keeping” as common decency. Thanks for the disable work-around.

By: gummi

gummi — Mon, 30 Jan 2006 17:06:20 +0000

Then obviously, Wincent, you live a Mac life without CocoaGestures and PithHelmet.

I think this kerfuffle is a bit overdone. I had the same reaction when PathFinder 4 installed SCR, but I just dumped it and ran a terminal command as well. I think it was bad form that Cocoatech did this *without* informing the user, but since their application is so good I think they deserve a break.

So, how about we measure our contempt for the InputManager folder based upon the usefulness of any software that needs it?

By: Paul Mison

Paul Mison — Mon, 30 Jan 2006 10:03:19 +0000

Will using Disk Utility’s Repair Permissions revert the Input Managers folders to their previous, less restrictive permissions? Or are they not in its list of things to check?

By: Wincent

Wincent — Fri, 27 Jan 2006 18:51:25 +0000

I tried out Path Finder 4 for a few minutes (until it crashed) on the day it came out, then I trashed it. Today thanks to reading your post I discover that it silently installed an input manager. I totally agreed with you Bill; as a software developer I don’t want anything on my system that alters its behaviour. I’ll be locking down the InputManagers path to prevent this kind of abuse in the future (it is abuse because it’s done without the user’s informed consent, no matter how benign or useful SCR may or may not be in the eyes of its creators). I have never, ever installed any software that needed to make use of input managers, so I don’t think I’ll miss having the folder.