Unsane

Never attribute to malice that which can be explained by outright stupidity.

Apple computers are extremely stable critters. Running Unix with the root account disabled already in the box, there is very little an Apple user has to worry about: the OS is not about to hang, much less crash, and well behaved applications simply don't get into trouble. Apple users don't reboot or have Ctrl-Alt-Del keys worn out from overuse: the system is stable - extremely so.

Yet system administrators called in to deal with Macs that inexplicably act up as often as not find the culprit at the bottom of the pile of rubble is the same.

Unsanity.

Unsanity provide a framework for 'application program enhancers' or APEs. Other vendors write the APEs which interface with the Unsanity framework, providing things like Unsanity's own ShapeShifter.

The Unsanity framework succeeds (when it does) because it runs its own daemon - its own device driver - at an access level tantamount to 'wide open' on OS X.

The Unsanity framework can get at any process and even inject code. It can read process memory - and write to it. It can remove code from running processes and/or swap it for code of its own. And so forth. It can do anything.

It can read passwords from any number of users for any number of accounts at any time. With a daemon at its disposal, all bets are off, nothing is secure: Unsanity own the box.

When the Macintosh, through the benevolence of NeXT Computer, finally made the leap to secure (and stable) 32-bit programming, things were supposed to improve, and the underlying system Unix was supposed to make sure of it.

User processes run in virtual memory on OS X; they cannot touch computer hardware; they cannot access much less corrupt memory belonging to other processes; they run instead in a secure - and thereby a protected, safe, and stable - environment.

And this holds and continues to hold as long as user processes are not by some twisted rationale given root access.

Unix and OS X users are expected to be more intelligent.

Warnings of what happens and what can happen when OS X GUI applications get root privileges abound everywhere, including this site.

Warnings about relinquishing control of your computer also abound.

Yet not everyone seems to understand the game plan, and in the desire for fancy doodads on the desktop the game is forfeited and the entire system is held hostage.

Injecting daemon code into ordinary user processes is just plain suicide. It breaks all the rules.

An OS vendor might be happy people find a use for third party applications and enjoy the OS more - as long as no one's getting hurt. But with Unsanity APEs people are getting hurt. Most of the time it can be small inexcusable inconveniences. But it can also be a lot worse.

Give a security expert half an hour to toy malevolently with Unsanity's framework and you'll see an enumeration of planned system exploits a mile long. Any programmer worth the title will be able to demonstrate how havoc can be wreaked with this simple device.

There are no defences - the user has already given the game away. Security is gone - completely.

And farther down the line it's more than just the odd program crash: it's a frightening question of who runs (and owns) the machine and of whether it is possible to trust everyone down the line who has that kind of access to it.

With the Unsanity framework running there is no limit to who or how many interlopers can hijack your computer or how easily it can be done. There are no limits - period.

It's unsane.

Device drivers are touchy things: they have to be tested strenuously to be used. Yet with Unsanity, in effect every two-bit programmer gets to inject code into the system at driver level.

Some users insist they've never had issues with it; Unsanity continually come to their own defence and claim they've only encountered a few bugs in all the years they've had the product on the market; but system administrators dealing with Macintosh computers that are supposed to run 'just like that' and 'insanely great' will always look for Unsanity at the bottom of it all.

And most often will not be surprised at what they find.

Remember: never attribute to malice that which can be explained by outright stupidity.

Except never rule out malice either.