Address Book hole and iSync low — 02 Jan 2003

iSync figures on my Best of 02 list, in the "wishful thinking" category, hoping the the first release would be significantly more robust and adopt more phones, etc. Well, version 1.0 doesn't live up to my expectations. It installed correctly, but all my contacts were doubled on my Palm Tungsten, there's still no appropriate category management, and iMac is still required for synching between Macs. Low. The other frustration comes from the Address Book API which can be used by any application to write, or read, or both .. oops. Picked this up on MacInTouch (2003-01-02):

As of 10.2 there is an API that any program can use to read and write to the addressbook. This can be really great because it means that you don't need seperate addressbooks in your email client, your PIM, etc., etc. The API is in Addressbook.framework. Unfortunately, there does not seem to be any protection with respect to which apps can access the addressbook. It would be easy to write a small C program to erase the entire contents of the addressbook! Looks like you've discovered one misuse of these new APIs already. It would be nice if Apple applied a keychain kind of concept: "the application 'Norton Installer' wants to access your addressbook. [allow once] [disallow] [allow always]". This way we can choose which apps we trust to access our important (and private!) addressbook! Hopefully Apple will do something before we see AppleScripts going around by email erasing the addressbook...

Applescript Trojan Horses ? Naaaaaah .. [ fingers crossed ] And according to a MacNN reader, you'll soon be able to publish your Address Book on .Mac .. Lets hope there's some security around all this ..