Im sure this 'feature' will be deactived by default from now on. iCalendar also allows for automatic addition with events sent via email.
"Further, there is no immediate way to delete a widget that has been installed. According to Tiger's own Help file, "You cannot remove widgets from the Widget Bar or change their order.""
On your Hard Drive click Library > Widgets > Then drag the widget you don't want to the Trash. Sounds pretty simple to me to remove.
tstaheli, correct that is how you do it :) I think those directions may scare some people. :D They dont want you to play with files!
A funky thing about Widgets is right now, they decide for themsleves how much access they get to the user's system, and you have to check out the source code for the widget if you want to see how much it uses.
I hope Apple will soon give the user more information control here before the Widgets run, such as popping up a message such as:
The Widget : "Dancing Widget" is requesting full access to your computer's ______. This may be a security risk. Allow/Deny/Delete.
In the meantime, users should be as cautious running new Widgets as they (hopefully) are running new applications.
None of the Widgets I've downloaded automatically installed - they had to be manually put in /Library/Widgets. And as has been said above, removing them is just a matter of moving them to the Trash.
This seems to be yet another scare story based around misinformation together with speculation based on a theoretical hypothosis, which in this case is flawed.
Macs aren't immune to attacks, and we should all be vigilant, but scaremongering is nt helpful.
No different than downloading and installing any software. Widgets are just applications.
The Safari behavior of auto-installing Widgets needs to change, however. That's just brain-dead.
Apple released an update today for the Widget auto-installation (potential vulnerability) issue. They added Widgets to the items that Safari prompts for before a download is complete.
Thought to share...
Daft! Is it the clock or the dictionary that worries you?
I don't see why a widget should have any security issue just because its called a widget. If I changed the name to safehouse, would that help? Or made it bigger like to spread over the wole desktop, more visible?
Its an application that searches the web, possibly more. So your own firewall's and keychains, permissions etc.. are the protection you have anyway for all applications when conneted to the web, including your browser.
Take them out of the widget folder and chuck them in the bin if you don't like them. You can't remove them from the dashboard, like it says.