Security firm issues widget warning
updated 01:25 pm EDT, Mon September 17, 2007
Web security firm Finjan today warned users that "widgets" and "gadgets" pose serious security risks to computers, and that the small software add-ons should be treated just like full-sized applications. Finjan points to several security vulnerabilities that were repaired by various widget vendors after the firm discreetly offered information about those issues. While Apple is listed as one of the larger platforms supporting widgets, none of the listed security vulnerabilities reported so far afflict the Cupertino-based company's Mac OS X operating system. Finjan recommends refraining from using non-trusted third-party widgets or gadgets, and suggests exercising caution when using interactive widgets that rely on external sources like RSS feeds. Recent vulnerabilities were discovered in the Windows Vista Contacts Widget, the Live.com RSS reader, and Yahoo! Widgets Contacts. Finjan is actively warning users to expect an increase in attacks through unsecured widgets in the near future.

In other news...
09/17, 01:50pm reply
No-name security firm issues vague warning about hip new technology to gain press attention. Pictures at 11.
njfuzzy
Fresh-Faced Recruit
Joined: Apr 2001
in other other news...
09/17, 02:03pm reply
It's still a good idea to be aware of the potential. :P
Flying Meat
Fresh-Faced Recruit
Joined: Jan 2007
If you have
09/17, 02:22pm reply
half a brain and also want to keep your machine free of malware/spyware (even in Mac OS), you make sure you can trust a source of the download before installing it. If there are any Mac OS vulnerabilities, it will be because people didn't look before they leaped when installing apps like widgets. Mac OS has some good stop-gaps like requiring admin password and such when making major changes to the system that apps like these shouldn't, but I could foresee some people who have admin rights unthinkingly accept some changes without checking to see if that SHOULD be necessary. Time will tell if this truly is an issue, but my opinion holds Apple in the clear from such threats for some time.
Btw, MacNN, this isn't news. I guess it would be useful in the continuous security argument by the two camps, if nothing else.
danviento
Fresh-Faced Recruit
Joined: Dec 2005
one problem...
09/17, 03:33pm reply
If this 'security expert' instead of mouthing off, actually understood how the Mac OS X security model works, he would never attempt this lame argument because this only proves his ignorance on the subject.
Next he'll be telling you to purchase his nifty anti-ware to protect you from the evil malware...
hokizpokis
Fresh-Faced Recruit
Joined: Jan 2007
Re: one problem
09/17, 03:43pm reply
If this 'security expert' instead of mouthing off, actually understood how the Mac OS X security model works, he would never attempt this lame argument because this only proves his ignorance on the subject.
Well, if you bothered to even look at the press release, or even read the above, you'd know they are talking about widgets in general, not specifically, and they didn't even try to pawn off knowledge of OS X or say it was a problem.
Oh, and please tell us how Apple's security model prevents security issues via widgets. And go into detail, too, just don't make stupid blanket statements like "You need a password, so it's OK!".
testudo
Fresh-Faced Recruit
Joined: Aug 2001
Re: if you have
09/17, 03:49pm reply
half a brain and also want to keep your machine free of malware/spyware (even in Mac OS), you make sure you can trust a source of the download before installing it.
That only helps if the problem is a malware widget. It doesn't help if the widget opens the security hole itself, or the widget app (like Dashboard) has issues that create a hole in it.
If there are any Mac OS vulnerabilities, it will be because people didn't look before they leaped when installing apps like widgets.
Um, no. It can also be due to Apple releasing software that causes security issues. Some past examples, if we must: iTunes installer deleting entire drives (oh, I know, it's not really a security issue, it just acted like one nasty trojan), or how about Safari set up to auto-launch downloaded documents (it's still set up to do this by default, BTW), allowing scripts to run, disk images to mount and auto-launch, etc.
testudo
Fresh-Faced Recruit
Joined: Aug 2001
all I want to know...
09/18, 09:32am reply
is did they make a widget about it?
This is bullshit. The article warns about Mac Widgets but says that it found no problems with anything in OS X. That what they've found affects Vista - no f****** shock there.
I concur with my friend NJFUZZY - FINJAN [who the f*** is this?] is merely trying for 15 minutes in the spotlight since it's easy to merely throw Apple's name in the mix these days without actually having a coherent thought and having proof to back anything up.
UberFu
Fresh-Faced Recruit
Joined: Oct 2002