Registering for an Aussie GST number requires installing a keylogger (twitter.com) 20 points by alfiedotwtf 4y ago ↗ HN
[–] _carbyau_ 4y ago ↗ Why do you need a java app at all? Secure forms complete with media are a webpage.Unless the ATO wants you to play a Descent-style game to navigate their bureaucracy?
[–] mc4ndr3 4y ago ↗ My school required everyone to install a process scanner with root privileges in order to join WiFi. I showed people how to install the school's spyware in a virtual machine isolated from the host.
[–] sdflhasjd 4y ago ↗ The title is a bit unsubstantiated. Many apps request this permission for global hotkeys.If it is a Java app, it should be easier to decompile and inspect. [–] sdflhasjd 4y ago ↗ TLDR: Old mouse event code in the JRE causes this prompt. AUSid hasn't been updated since 2017.I downloaded the dmg and extracted the contents, it's a launcher for a JavaFX application with a bundled JRE 8.The java code isn't obfuscated, and I don't see anything particularly interesting, but it would require going through a lot of code.However, the build and file modification dates are all 2017, which is pre-Catalina. Catalina of course introduced this permission warning.I instead did a quick Google for JRE bugs with this issue and it didn't take long to find this issue raised with OpenJDK: https://bugs.openjdk.java.net/browse/JDK-8231513In particular, this comment: https://bugs.openjdk.java.net/browse/JDK-8231513?focusedComm... explains it's to do with mouse tracking around window resizing. [–] alatkins 4y ago ↗ Another case of "never attribute to malice that which is adequately explained by stupidity"...
[–] sdflhasjd 4y ago ↗ TLDR: Old mouse event code in the JRE causes this prompt. AUSid hasn't been updated since 2017.I downloaded the dmg and extracted the contents, it's a launcher for a JavaFX application with a bundled JRE 8.The java code isn't obfuscated, and I don't see anything particularly interesting, but it would require going through a lot of code.However, the build and file modification dates are all 2017, which is pre-Catalina. Catalina of course introduced this permission warning.I instead did a quick Google for JRE bugs with this issue and it didn't take long to find this issue raised with OpenJDK: https://bugs.openjdk.java.net/browse/JDK-8231513In particular, this comment: https://bugs.openjdk.java.net/browse/JDK-8231513?focusedComm... explains it's to do with mouse tracking around window resizing. [–] alatkins 4y ago ↗ Another case of "never attribute to malice that which is adequately explained by stupidity"...
[–] alatkins 4y ago ↗ Another case of "never attribute to malice that which is adequately explained by stupidity"...
5 comments
[ 3.2 ms ] story [ 21.3 ms ] threadUnless the ATO wants you to play a Descent-style game to navigate their bureaucracy?
If it is a Java app, it should be easier to decompile and inspect.
I downloaded the dmg and extracted the contents, it's a launcher for a JavaFX application with a bundled JRE 8.
The java code isn't obfuscated, and I don't see anything particularly interesting, but it would require going through a lot of code.
However, the build and file modification dates are all 2017, which is pre-Catalina. Catalina of course introduced this permission warning.
I instead did a quick Google for JRE bugs with this issue and it didn't take long to find this issue raised with OpenJDK: https://bugs.openjdk.java.net/browse/JDK-8231513
In particular, this comment: https://bugs.openjdk.java.net/browse/JDK-8231513?focusedComm... explains it's to do with mouse tracking around window resizing.