Apple's TextEdit App. Can Erase Your Files
Wednesday, May 13, 2009
Apple’s TextEdit application has a massive design flaw that could potentially erase other files on your computer. Weird, right? Ironically, it’s TextEdit’s safeguard against loss of data that is the culprit of the defect. And the corruption of files isn’t a randomly occurring glitch either — it is caused by a shortcoming of the algorithm used in the Autosave feature.
The Autosave Flaw
When editing a document in TextEdit, a copy of your work is automatically saved every 30 seconds to the hard drive*. This behavior is common in software as it provides a convenient means to recover some of your work should the application unexpectedly quit or crash.
Unfortunately, the means by which TextEdit saves a copy of your work is awfully rudimentary. It simply writes your data to a regular file and gives it the same name as your TextEdit document but with “ (Autosaved)” appended as a suffix (without an extension). And since no verification is performed to see if a file with that particular name already exists, it will overwrite anything that gets in its way with no confirmation or warning!
Example
To better illustrate this flaw, take the following scenario. Suppose, for whatever reason, that I have a file named Craziness (Autosaved) and I create a text document called Craziness.txt in the same directory. In the screenshot below Craziness (Autosaved) is an image file (with the extension removed in order to illustrate my point):
When I start editing my Craziness.txt file in TextEdit, the application autosaves my work (as it should), but since my image document has the same name as what TextEdit would call its autosaved file, my image file is overwritten:
When I’m done editing my Craziness.txt document, TextEdit removes the autosaved copy (as one would expect). However, now my original image file is gone with no real way to recover it (since it’s not moved to the Trash but actually overwritten):
Solutions
Accounting for this file naming issue is so programmatically simple that it’s astounding the defect even exists. The simplest improvement would be to prefix the filename with a period (as in .Craziness (Autosaved)) in order to hide it from the Finder since the chances of having a naming conflict with a hidden file are greatly reduced.
But hiding the file from the user still allows for potential name collisions and as Mac OS X’s default text editor, TextEdit’s naming convention should be even more robust. To start, TextEdit could include either a timestamp or a sequence of random numbers to help make its autosaved filename unique. Most importantly, however, should be to verify if a file would be overwritten and if so, generate a different random number or append an incremental counter. Heck, even my Page Capture widget won’t overwrite files since it uses the same naming convention as Apple’s screencapturing application (File 1, File 2, File 3, etc.)
The Rant
One might argue that the possibility of having a file end with “ (Autosaved)” and not have an extension is pretty slim. So what? My argument is that the possibility of an application deleting other files blindly is a completely unacceptable use case scenario, no matter how rarely it may occur. I think it is more reasonable to expect that a corporation as large as Apple Inc. would produce software that doesn’t delete unrelated files from my hard drive without my knowledge. Especially since OS X is — as Apple claims — the “most advanced operating system in the world.”
*30 seconds is the default. The time interval is configurable and the user is allowed to disable the Autosave feature entirely.
Labels: apple inc., development, intuitive, nit pick, security, software, ui, user interface
16 comments:
What about just a simple prefix:
TextEditAutoSave Craziness.txt
It is unlikely that another application would use TextEditAutoSave as a prefix. I wonder what happens at the moment if you open two TextEdits with the same file?
02:31
A different prefix (or suffix for that matter) won't suffice - no matter how unlikely it is that there would be a naming conflict. After all, I think it is pretty unlikely that a user would have a file named in such a way that would conflict with the naming convention being used now. The point of this article is that the application should ensure that a file won't be overwritten, regardless of the naming convention used.
And you can't open two instances of TextEdit with the same target file. If you try, it'll just revert you back to the already opened window.
11:35
I lost my data on text edit ( auto saved ) I try to find it but seems not get it. Any body here know how to recover text edit autosaved ?
email me at : visionderson@hotmail.com
Thanks
12:50
Super-Duper site! I am loving it!! Will come back again - taking you feeds also, Thanks.
11:54
I inclination not acquiesce in on it. I over warm-hearted post. Especially the title attracted me to be familiar with the intact story.
20:24
Good brief and this enter helped me alot in my college assignement. Say thank you you seeking your information.
18:35
My friend and I were recently talking about the prevalence of technology in our day to day lives. Reading this post makes me think back to that debate we had, and just how inseparable from electronics we have all become.
I don't mean this in a bad way, of course! Societal concerns aside... I just hope that as memory becomes less expensive, the possibility of copying our memories onto a digital medium becomes a true reality. It's a fantasy that I daydream about almost every day.
(Posted on Nintendo DS running [url=http://www.leetboss.com/video-games/r4i-r4-sdhc-nintendo-ds]R4i[/url] DS S3)
12:24
I am very impressed with the article I have just read. I wish the author of www.apaulodesign.com can continue to provide so much practical information and unforgettable experience to www.apaulodesign.com readers. There is not much to tell except the following universal truth: If its says "you must restart your system" its lying. I will be back.
01:29
Nice post and this fill someone in on helped me alot in my college assignement. Say thank you you for your information.
20:03
I really like when people are expressing their opinion and thought. So I like the way you are writing
11:20
I'm new around here, seems like a cool place though. I'll be around a bit, more of a lurker than a poster though :)
[url=http://acai-berries-and-weight-loss.wetpaint.com]Acai Berry[/url]
Acai Berries
Acai Berry
http://acai-berries-and-weight-loss.wetpaint.com
Acai Berry
20:18
I am reading this article second time today, you have to be more careful with content leakers. If I will fount it again I will send you a link
02:10
Hi, just wondering if anyone can help with a problem I'm having? I'm connected to the internet and it will let me open google but if I try to open another webpage it tells me the page cannot open. I already checked the firewall and everything seems fine, i also scanned for viruses with Avira and Mallware Byte and nothing showed up. If anyone can help it'd be much appreciated thanks! :-) [url=http://gordoarsnaui.com]santoramaa[/url]
13:46
free dating sites [url=http://loveepicentre.com/]desire easy discreet couples dating encounter female finding fun lost[/url] singles church groups clarion pa http://loveepicentre.com/ dating is murder by susan jane kozak
05:37
[b]Website Traffic[/b]
A new way to get traffic to your website. Not only will you get loads of [url=http://www.fastpixeltraffic.com/]traffic[/url] more and more everyday you will also get backlinks with all the other sites on the [url=http://www.fastpixeltraffic.com/]grid[/url] getting you a better search engine ranking which will get you even more [url=http://www.fastpixeltraffic.com/]website traffic[/url].Get on the pixel grid today and let the traffic come to you.Taking the internet by storm.The new way to advertise.
Visit: http://www.fastpixeltraffic.com/
06:56
It isn't hard at all to start making money online in the underground world of [URL=http://www.www.blackhatmoneymaker.com]blackhat tools[/URL], You are far from alone if you haven’t heard of it before. Blackhat marketing uses little-known or not-so-known avenues to generate an income online.
15:06
Post a Comment
Links to this post:
Create a Link
<< Home