DealsOnTheWeb Daily Deal: OneCall's Weekend Sale - 20 Great Items at Great Prices All Weekend Long
Columnist: Safari Security Fails to Learn from Past
by , 2:50 PM EDT, July 8th, 2008
Three mistakes in the security design of Safari show that Apple has failed to learn from past mistakes, according to a guest editorial at ZDNet by a security team leader, Aviv Raff.
The mistakes Apple has made were compared to the ways other browsers and OSes handle the issues:
- Automatic file downloading, aka, carpet bombing.
- Browser fuzzing.
- Predictable locations for cache and cookies.
"In conclusion, before porting the Safari browser from Mac to Windows, Apple should have looked at past browser vulnerabilities and design flaws, and really try to avoid them," Mr. Raff, a security team leader for a Fortune 500 company, said. "The examples above show that Apple didn?t learn anything from past mistakes."
What Mr, Raff failed to point out is that no known, in the wild, exploits have been traced to these issues. Even so, a healthy discussion about ways to improve security is always good, especially when it helps keep one step ahead of the bad guys.
Observer Comments
Tue Jul 08, 2008 10:46 pm Subject: I don't see any problem with Apple's security record
Recent Headlines - Updated Tuesday, October 7th, 2008
- Tue., 8:20 AM
- BurnAgain FS 1.1 Adds Tiger, German Support
- 7:50 AM
- Trans International Unveils Pro Drive Enclosure for Mac Pro
- Mon., 10:15 PM
- Podcast - Mac Geek Gab #171: WiFi Troubleshooting, iApp issues, Shutdown Problems and More Media Longevity
- 4:20 PM
- TMO Reports - Antitrust case Against Apple, AT&T To Proceed
- 2:25 PM
- iPodObserver - kickBACK iPhone Clear Case Introduced with Kickstand
- 2:05 PM
- AAPL Drops 8.4% Amidst Broader Tech Selloff
- 1:50 PM
- 9to5Mac: Apple's Brick is a New Manufacturing Process
- 1:30 PM
- iPodObserver - NPD: A Third of iPhone 3G Buyers are Switchers
- 12:50 PM
- Nick DePlume Resurfaces, Says Apple's Gone Soft on Rumors
- 10:30 AM
- Hot Forum Topic - Has Apple Sold 10 Million iPhones?
- 9:55 AM
- Dragoman 1.4 Gets German Localization
- 9:20 AM
- Dream Capture 2.2 Adds H.264 Support
- 8:45 AM
- Monday's Mac Gadget - Want Full Remote Control Action? Check Out Mira!
- 8:10 AM
- SEC Launches Investigation in Jobs Heart Attack Rumor
- 7:30 AM
- TMO Quick Tip - iCal: Finding Shared Calendars
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
- OWC: NewerTech miniStack FireWire/USB 2.0 HD & Hub Up to 1.0TB of Performance Storage + FW/USB2 Powered Hubs - convenient & sleek 6.5" x 6.5" x 1.5" Featured: 500GB $169.99; 750GB $209.99; 1.0TB $339.99
MacBook/MacBook Pro / MacMini / iMac Intel Core2 DUO DDR2 667Mhz 4GB Kit $80, 3GB Kit $60, 2GB Kit $40, 1GB $20 - Click to Maximize your Macs...
Mac observers can now play Party Poker for Mac as well as Mac casino games by going to MacPokerOnline.com.
RamJet Memory: Mac Pro FB-DIMMs: 2Gig kit $95, 4Gig Kit $179, 8Gig Kit $355! MacBook 2Gig Kit $78, 4Gig Kit $149! Click hereFor the latest Apple products use Ciao a comparison website to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate cell phones.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Apple EDU: Students, Teachers and Staff Get an Instant $200 Discount on MacBook Pro Systems 
XBrand 360 Height Adjustable Laptop Stand with USB 2.0 Hub: $62.99 delivered 
Sabrent TV Tuner & Video Capture Box USB 2.0 w/ Remote: $26.99 Delivered 
Sony Bravia KDL-32L4000 32" 720p Flat-Panel LCD HDTV: $598.00 + $6 Shipping 
Philips 47PFL5603D/27 - 47" Widescreen 1080p LCD HDTV: $1197.99 
