{"id":1758,"date":"2006-03-10T11:18:20","date_gmt":"2006-03-10T14:18:20","guid":{"rendered":"http:\/\/brockerhoff.net\/bb\/viewtopic.php?p=1720"},"modified":"2010-05-08T20:06:43","modified_gmt":"2010-05-08T23:06:43","slug":"re-kill-custom-icons-4","status":"publish","type":"post","link":"https:\/\/brockerhoff.net\/blog\/2006\/03\/10\/re-kill-custom-icons-4\/","title":{"rendered":"Re: Kill custom icons?"},"content":{"rendered":"<p><em>Posted by <strong>Nando<\/strong>:<\/em><br \/>\nI agree with what you&#8217;ve said from a security and development point of view, the current methods the system uses to identify the application to which a file is registered seems quite secure to me though. I&#8217;ve decided to play with some of my files, changing the extension of a .mov file to .doc, and the system would recognize it as a Quicktime movie just fine. I did that with non-apple formats, and even a document kind I created for fun, and it would open on the right application even if saved with anotehr extension.<\/p>\n<p>The problem really lies within the file&#8217;s data fork, once you change that you can easily have the application open a file that is not attached to it, which might not be a succesful task. But in the case of malicious files, the icon is what really makes the confusion, as you have said on a recent post.<\/p>\n<p>Custom icons are easy to apply to files, you can do it easily from Finder itself, with special applications such as IconFactory&#8217;s Pixadex or Unsanity&#8217;s Shapeshifter. The second one, as far as I know, really does play with the data forks, changing the icons from inside out, while Pixadex just applies them as a cover that is easily removable.<\/p>\n<p>On either case, killing custom icons is really not a solution. First of all because it would mean a dead end to those who, like me, make a living out of that. Ask the guys from IconFactory and MacThemes Forums, they&#8217;ll probably like their Macs pretty with custom themes and icons than a &#8220;secure&#8221; one &#8211; and we know this doesn&#8217;t actually threatens anyone&#8217;s security, <em>yet<\/em>.<\/p>\n<p>One thing that could work is have the software check if the icon it&#8217;s file holds is not the icon for another application&#8217;s file. The system has a list of the icons for each file type, so a background check on that wouldn&#8217;t take long at all, probably not over 0.3 seconds. If the icon is unknown, the software would ask the system &#8220;Is this a themed OS?&#8221; (something that would be set on System Preferences against Apple&#8217;s will or through Third-Party software), if it is themed, carry on with the loading, if it is not, warn the user of the possible security threat.<\/p>\n<p>As complicated as this solution might sound, I don&#8217;t see any other way to keep everyone happy &#8211; and secure. So let&#8217;s just hope in 5 years the Mac is still as secure as now, it&#8217;s probably the best we can do.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Posted by Nando: I agree with what you&#8217;ve said from a security and development point of view, the current methods the system uses to identify the application to which a file is registered seems quite secure to me though. I&#8217;ve decided to play with some of my files, changing the extension of a .mov file [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3,33],"tags":[23],"class_list":["post-1758","post","type-post","status-publish","format-standard","hentry","category-apple","category-graphics","tag-mac"],"featured_image_src":null,"author_info":{"display_name":"Rainer Brockerhoff","author_link":"https:\/\/brockerhoff.net\/blog\/author\/rbrockerhoff\/"},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1q3Zc-sm","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/posts\/1758","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/comments?post=1758"}],"version-history":[{"count":0,"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/posts\/1758\/revisions"}],"wp:attachment":[{"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/media?parent=1758"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/categories?post=1758"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/brockerhoff.net\/blog\/wp-json\/wp\/v2\/tags?post=1758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}