Your Apple - As Safe As It Seems?
After my initial problems, things have only got worse. Granted - one website now shows text (CNN), but seeing as I now can’t type URLs into my address bar, type queries into my search area, read my menus (at all) and even browse most websites, I’ve switched back to Firefox. For good.
Lots of commenters yesterday were complaining that on systems not using XP, some serious bugs were popping up (aside from the aformentioned ones), such as random crashing, de-bugging errors, start-up failures and random browser closing. Ian Gray wisely pointed out that without our Firefox extensions, we’d be back to the old ways of manually going to Google PageRank servers and checking a page’s status. Same with Alexa - and Compete. Ron Scott shared his denial of service excitement… The icing on the cake?
Veteran security researcher Thor Larholm wrote in his blog that he found a “0day” vulnerability in Safari within two hours.
Researcher Aviv Raff highlighted in a blog post the company’s product statement, that reads: “Apple’s engineers designed Safari to be secure from day one.” Raff found a vulnerability, a memory corruption error that could allow an attacker to insert malicious code on a Windows machine, within three minutes using publicly available fuzzing tools.
Security researcher David Maynor, posting on his Errata security blog, said he was also able to generate a memory corruption error “in no time.” By the end of the day, he was able to generate a total of six bugs–four producing a denial of service (crash), and two capable of executing remote code.
Could this be the end of a secure OSX? Errata certainly thinks so… I can’t help but agreeing in that if the 6 uncovered bugs can be used on the current production versions of the Safari browser - already rolled out on millions of machines, how will Apple respond? 6 expolits in 2 hours is pretty incredible stuff.
Picture via Gizmodo.
Post sponsored by: TechRave
June 12th, 2007 at 8:56 pm
I’m not switching from FF any time soon. Only using Safari to do checks on what my website looks like. Quite weird to suddenly have the tables turned on Safari, eh?
June 13th, 2007 at 7:43 am
Totally. Admittedly, I only downloaded Safari to view my websites, but seeing as I can’t type in URLs, I’ve not got that far yet…
Maybe this is Apple’s way of punishing Windows users?
June 12th, 2007 at 9:04 pm
An apple programme that doesn’t work? I’ve had so much grief from Macphiles about sticking to the PC that I think I am allowed a few seconds of smugness! It may be in beta testing, but you’d really have thought they would have tested on Vista first, or do they really hate windows users that much? I would like to download Safari for testing, but I’ll probably have to wait a while. Never mind, I have my own cuddly Firefox to keep me going in the meantime…
June 13th, 2007 at 7:44 am
Yeah - not tetsing the browser on Vista does seem kinda odd. You’re entirely right about the Appl jives from Macphile friends. They’re no longer signing in to Skype… Hiding, perhaps?
But like you say - without the FF plugins, we’re all dead.
June 12th, 2007 at 9:57 pm
[…] David over at TechZi has documented his problems with Safari in this recent post. He has been having problems actually seeing any text in the menu’s, browser, or just about anywhere. This is just another problem in the wave of problems that have hit Vista PC’s running Safari. […]
June 13th, 2007 at 12:18 am
It says beta for a reason.
June 13th, 2007 at 7:42 am
There’s a difference between ‘beta’ and ‘unusable’, however…
June 13th, 2007 at 8:46 pm
Agreed. Beta always has a few kinks to work out. That’s expected, and totally understandable. However, Safari is simply not working.
June 13th, 2007 at 10:35 pm
Yeah, I mean, they could have tested it before released? The holes and stuff are understandable, but I don’t think Safari f/Windows was tested in enough scenarios.
June 13th, 2007 at 12:12 pm
End of a secure OS X? The only code that’s completely secure is no code at all. The people who wrote (rather, ported) Safari for Windows probably come from a Mac/Unix background, and it would take them quite a bit of time to be on solid footing in the Windows World.
It is usable for me, but then again, any half competent kid with a free Visual Studio Express can whip out an usable browser that works on all supported Windows Versions in around 4 hours. It takes greatness, rather than mere usability to make someone switch Browsers. So, Safari will stay put, for the time being, as an example of how the Konqueror code was eventually ported to Windows…
June 13th, 2007 at 5:32 pm
[…] So far, I’m less than impressed. I can’t type text into my address bar (David is seeing the same problem). There is no functioning search function (it’s there, but it’s not working). Their menus aren’t even showing up in the browser. And yesterday Gizmodo posted about massive security threats with the browser. […]
June 13th, 2007 at 10:11 pm
IF a soft app becomes more popular - we have to expect hacks and new viruses…
June 14th, 2007 at 7:34 pm
[…] I for one am doing my fair share of drewling… Moving back to the Safari debate, whilst version 3.01 might have fixed some of the crashing bugs and patched the odd security loophole, it’s not fixed my font problem and the browser is as unusable as ever. I’ll be upfront with you… I had/have no intention to move to Safari as it is. I simply wanted to use Safari for some light browsing, see how certain designs render, etc. The fact I’ve not been able to visit websites I choose? It appears there’s a whole club of us with unsuable browsers - not just Vista either, though that does seem to be the main source of the problem. That’s why I’m annoyed. Anyhow… Get back to drewling over the iPhone shot. […]
June 24th, 2007 at 3:54 am
I honestly can’t stand Apple and its pride…