The Secret and Scary Success of Skins

FRAMINGHAM (07/17/2000) - Welcome to the chromed world. Have you ever noticed how much of our software can be dressed up in its party clothes for no reason other than we want it to look some way other than the way it was shipped? Does all of this chrome add to the usability of our PCs? Does it make our work better? The answer is usually "no."

It all started with software that had a customizable user interface. In the beginning, you could select what entries you wanted on menus. Later you were given the power to choose what those menu entries could do using macros, and then you were handed the overwhelming vastness of Microsoft Corp. Visual Basic for Applications (see what my evil twin wrote about VBA: www.nwfusion.com, DocFinders: 9046 and 9047).

But over the past couple of years there has been an explosion of skinning - the ability to change the presentation of an application's user interface. I have no idea what the first application was that allowed you to do this, but today there are hundreds.

As "Gearhead" notes this week, that incredible triumph of freeware, Winamp, can be skinned. Then there's the software version of Rocket eBook reader, NetZip, ICQ and scores of other programs - check out http://skinz.org, which offers almost 11,000 skins for a huge number of skinnable applications.

On top of skins are all the gadgets we add to our systems: things such as stock tickers that live in the system tray, clocks that float in menu bars and minibrowsers that display the latest news.

One of my favorite skinning tools and one of the most useless (in that you absolutely don't need it) is Hotbar (www.hotbar.com), which dresses up the menu and toolbar of Internet Explorer with a background graphic. Hotbar.com offers more than 25,000 skins.

I must digress here to note that much of the online advertising that I have seen for Hotbar has focused on skins that feature scantily clad young ladies.

As always, sex sells or, as in this case, perhaps skin sells skins.

On a side note to my side note, the redoubtable Mr. Sterne dropped me a message with a news item: Apparently in Japan, using the latest Wireless Application Protocol-enabled telephones, you can view extremely tiny, grainy pictures of naked Japanese ladies pulled from WAP-enabled porno sites. Some pundits conclude that when a medium is used for pornography, it is bound to take off .

. . for example, think of videotape and the Internet. Go figure.

In short, we're adding chrome and gadgets to our PCs at an incredible rate, and our appetites are nowhere near satiated. Indeed, if the skinning and gadgeting bug has bitten you, I'll bet you'd jump at any neat-looking software gewgaw that came your way.

But what interests me is how unsafe these toys could be. Do you think any chrome toy dealers have exhaustively tested their products for buffer overrun conditions and other back doors? Imagine a skin that is just a little bigger than standard, and so overruns a buffer, and where the excess is code that overwrites the skinning system's code with something such as the dreaded Back Orifice . . . it hardly bears thinking of.

Yet I would bet that in your organization your users have skins and gadgets in use that you have probably never seen. The implications are overwhelming - you can't stop the practice of users putting chrome on their PCs, but the risks are potentially disastrous!

All you can do is have good defenses to spot odd network and PC behavior, a work force that knows enough about their PCs to spot odd activities, and hope that any problems with skins or gewgaws stay theoretical.

New skins at nwcolumn@gibbs.com.

Join the newsletter!

Error: Please check your email address.

More about ICQMicrosoft

Show Comments

Market Place