I had a strange thing happen just now as I was working in obsidian on mac. my computer camera flash went off. I have bitdefender installed, but then it suddenly stopped working (wouldn’t do a scan) and I had to reinstall it. I’m doing a system scan for malware as I write this. I opened obsidian and told bitdefender to trust the application, but then I got this error message. Not sure if it’s obisidan or something else, some other app, web browser, or just a crazy fluke-but it worries me that my flash went off and the only thing I’ve installed lately is obsidian plugins. are plugins verified by obsidian? any thoughts on this? hope it’s nothing.
This would be the first report of such an issue that I’ve seen. But yes, it is technically possible for a malicious developer to put bad code in a plugin. Plugins are reviewed initially, but not constantly. This is why that “Turn off Safe Mode?” prompt when you first enable community plugins is so important.
To read more about plugin security, the following thread is a pretty good overview. (Note that this forum offers a summarizing feature, just under the first post in a busy thread.)
PS: have you installed any plugins manually, or just from the Community Plugins gallery?
thanks for your answer… I only install via the gallery… the most recent one was the buttons plugin, but I had just updated about 8 other ones the same day as I hadn’t done an update in some time. I might try to be safe and do a clean install of my mac in case it’s another program or some malware somewhere. I did have my Firefox browser open as I was making notes, so could be from a malicious site? who knows. ugh.
I have 70 plugins installed, I do malware scans quite regularly and have not excluded my Obsidian Vault.
I also have the buttons plugin like you have. I do not have a mac, nor a webcam though.
Nothing has popped up yet, haven’t had any problems, attacks or anything yet.
I just wanted to share this so you don’t get paranoid
If a dev would make a malicious plugin it would most likely be targetted to windows pc’s since there are more users than mac.
thanks for the info. I wound up doing a clean install of my mac just in case there was some malware in my system or some browser plugin perhaps.
Good luck and hopefully you stay safe
Some more unsolicited advice:
- Put a good password on your computer account.
- Turn off any internet sharing (or if you need it, make sure it’s properly secured.)
- Make sure your router firmware is updated, and consider changing the password on that too, or locking out external access with an allow list. Yes routers can be infected too.