p2pnet - rss feed: ‘Windows’ Safari dodgy: researchers
p2pnet.net news:- A mere day after Apple announced a new version of its Safari browser would work happily in a Windows environment, security researchers have uncovered almost 20 bugs.
Aviv Raff, David Maynor and Thor Larholm all reported flaws, says the IDG News Service.
“Maynor alone said he’d discovered six bugs, including two that could be used to run unauthorized software on a victim’s PC,” says the story, going on:
“Safari 3.0 is getting more attention because, for the first time, Apple has made a Windows version of the software available. Now the software can be downloaded by a much larger group of testers.
And Tom Ferris, an expert at finding Apple flaws, said his ‘fuzzer’ vulnerability tester nailed 10 holes in the browser in only five minutes.
He had “harsh words for Apple’s security team,” says IDG, to wit, “That’s horrible, and just goes to show that they took no initiative to fuzz their own software.”
“Apple engineers designed Safari to be secure from day one,” said Apple in a statement Raff called “pathetic.”
However, the beta software, “is being held to the standard that a Gold Master copy should,” the story quotes Mac user Matthew Baker as saying. “It just seems to me that some people… feel some sort of pleasure in reporting issues with Apple’s software.”
Apple’s claims that the people are safer with Safari have indeed made it irresistible to hackers looking to make their bones in a very public way.
“You see a lot of people running OS X saying it’s so secure and frankly Microsoft is putting more work into security than Apple has,” said Dragos Ruiu, winner of the recent CanSecWest Hack a Mac contest.
Meanwhile, why would Microsoft users want to use Safari in the first place? They, ” may need to run Safari to get access to some synchronization features with iPhone and the desktop,” says InformationWeek.
“Moreover, even a sliver of Windows market share will give Safari a huge boost in the raw numbers of its installed base, which would make Safari a more attractive platform for developers and could increase the range of applications available for the iPhone.”
Also See:
work happily - Apple’s new Safari for Windows, June 11, 2007
IDG News Service - Windows Safari Bug-Hunters Boost Tally, June 13, 2007
finding Apple flaws - Apple trouble: crash and burn, April 24, 2006
Hack a Mac - QuickTime hole could be ‘real bad’, April 27, 2007
InformationWeek - Windows Users Don’t Care About Safari, June 12, 2007
If your Net access is blocked by government restrictions, try Psiphon from the Citizen Lab at the University of Toronto’s Munk Centre for International Studies. Go here for the official download, and here for details. And if you’re Chinese and you’re looking for a way to access independent Internet news sources, try Freegate, the DIT program written to help Chinese citizens circumvent web site blocking outside of China. Download it here.
rss feed: http://p2pnet.net/p2p.rss | | Mobile - http://p2pnet.net/index-wml.php | | And use free p2pnet newsfeeds for your site
Tired of being treated like a criminal? They depend on you, not the other way around. Don’t buy their ‘product’. Do bug your local politicians. Use emails, snail-mail, phone calls, faxes, IM, stop them in the street, blog. And if you’re into organizing, organize petitions, organize demonstrations and then turn up on your local political rep’s doorstep, making sure you’ve contacted your local tv/radio station/newspaper in advance. Don’t just complain. Do something!
