Linked by Thom Holwerda on Wed 15th Nov 2017 23:59 UTC
BeOS & Derivatives

Haiku's GUI is in principle entirely scriptable. You can change a window's position and size and manipulate pretty much every widget in it. The tool to do this is hey. It sends BMessages to an application, thus emulating what happens if the user clicks on a menu, checkbox, or other widgets.

Thread beginning with comment 650980
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Security risk?
by Brendan on Thu 16th Nov 2017 02:32 UTC in reply to "Security risk?"
Brendan
Member since:
2005-11-16

Hi,

Am I mistaken or this is the kind of behavior that Google is worried about in it's accessibility API?


I'm not entirely sure; but I don't think so.

The main problem Google would be worried about is "man in the middle snooping" - things like keyloggers that intercept user's input and send it to a third party so they can scrape out your passwords, etc.

Hiaku's "Hey" scripting looks like it doesn't intercept anything from the user (and can't be used for "man in the middle snooping"). It's more like (a GUI equivalent of) batch files in MSDOS, or shell scripts in Unix, or...

Also note that the "inability" to write scripts for GUI applications is one of the common complaints that command line users bring up in "command line vs. GUI" arguments; even though there's been many approaches to GUI scripting for a very long time (dating back to things like AppleScript and VBScript in the 1990s).

- Brendan

Reply Parent Score: 7

RE[2]: Security risk?
by codifies on Thu 16th Nov 2017 08:26 in reply to "RE: Security risk?"
codifies Member since:
2014-02-14

so... you couldn't create a new text box widget with hey, hover it over one for a password in an application, log passwords and pass them onto the original application... hmmm....

Reply Parent Score: 2

RE[3]: Security risk?
by The123king on Thu 16th Nov 2017 08:41 in reply to "RE[2]: Security risk?"
The123king Member since:
2009-05-28

No, but you could script an application that requires a password to automatically input a password and initiate login without doing it yourself

Reply Parent Score: 5