The Hidden Gotchas of Browser Security

Particle Debris

I have been watching with interest the issues related to browser security. I now use Firefox because, as an independent organization, it has no corporate axe to grind and can cater to the customer. In this case, customers have shown that they like a browser to promote security and privacy.

My first education came from Glenn Fleishman back in 2011: “Keep your Mac safe from Web security flaws.” That’s been a starter kit for me. It’s tough, scary, but fundamental to your Internet life. As a result of my research, I’ve found that Firefox checks the OCSP database automatically while Safari, with no help from the default Keychain settings, does not. This article has what you need to know on the Online Certificate Status Protocol (OCSP) certificates.


So far, so good. But there are those, as I understand it, who are not happy with the OCSP (and also CRL) systems and want to do better. This week, Google weighed in and put a bullet through the head of CRL and OCSP, in the words of Mr. Fleishman’s recent tweet, and declared a better way forward.

I asked Glenn if that means we can dispense with the more rigid Keychain settings, and he advised we do not. Even so, this is an area to pay attention to, especially if you do online banking because you need to be sure your connection is the correct one, not a site posing as your bank. The chart in the OCSP article above, though out of date, suggested that back in April 2011, only Firefox and Chrome had adequate certificate checking. As I continue to research this, I’ll update that notion.

Meanwhile, here’s a preview of Firefox 11.

I have been arguing all along that Apple will, during the holiday 2012 season, counter any Kindle or next generation Kindle with a 7.x-inch iPad. It’s a notion and a rumor that just won’t go away. This next article doesn’t really contain anything new, but it does suggest that I am not the only one who thinks the way I do. (Or maybe the analyst quoted read my stuff and is in an echo chamber, I don’t know.)

“March debut of ‘iPad 3’ a sure bet, says analyst.” On page 2, Ezra Gottheil, an analyst with Technology Business Research, goes out on a limb for a 7-inch iPad: “I believe that’s always been in the plan. Actually that’s a good form factor for some users, and although they will also charge a premium above other similar-sized tablets, they want to protect that price flank.”

Protecting their flank is what big companies do.

Does anyone remember what mobile phones looked like before the Apple iPhone? John Brownlee does, and he has a great graphic that compares pre-2007 phones with current day phones. Food for thought. “What Phones Looked Like Before And After The iPhone Transformed The Industry.”

Do you have a Wi-Fi tablet, like say, perhaps an iPad, that doesn’t have a USB port? No problem. Just use a Flash drive that has Wi-Fi. Walt Mossberg has the story: “For iPad and Mobile Devices, a ‘Port’ out of the Norm.”

How sensitive is the data in your Address Book? How do you feel about it being grabbed and uploaded somewhere? Jason O’Grady has some thoughts on how Apple, a company that is supremely careful with the approval of iOS apps that might compromise our privacy, is apparently somewhat lax about the Address Book data. Here’s the story: “Apple doesn’t enforce its own Address Book policy.”

We all know what a MacBook Air looks like. Very cool. We also know that the MBA is a whole lot cooler looking than its big brothers, the MacBook Pro line. So why not make every MacBook look like an MBA? Here’s the best evidence yet that Apple intends to do exactly that. As Mr. Spock would say, “Perfectly logical.”


2 Comments

ibuck

Ezra Gottheil, about a 7-inch iPad: “they will also charge a premium above other similar-sized tablets”

Wouldn’t $299 for a 16GB 7-inch wifi device be the upper limit to protect that “price flank”?

Second, regarding security:  It seems the address book breach requires an IMMEDIATE fix.  And thanks for the tip about Firefox.

wab95

John:

Your continued articles on Mac-related security are a real service to the user community, and you should be applauded for these updates.

Regarding Safari, the Keychain and OCSP and CRL, my assumption has been that setting the Keychain preferences to ‘Require if certificate indicates’ was reasonably effective. That Safari does not automatically check the OCSP database is disappointing. Hopefully this is something that their security team will address. While I was a supporter of the old Netscape, and rued its loss, I remain underwhelmed by what I perceive as Firefox’s sluggish performance and load times - at least in side-by-side shootout comparisons on my machine (FF 10.0 vs Safari 5.1.3). I hope that Safari can get up to speed on its security omissions.

I hope that the rumours on the MBPs are true. While I love my 17” MBP, I would not object to a MBA-style form factor, so long as performance is maintained. The core i5 and i7 Ivy Bridge processors may do just that, if they perform as claimed. Meanwhile, my MBP is good for at least another 2 y, so I can bide my time.

Given that Amazon continue to obfuscate on the Kindle Fire’s profits and contributions to their bottom line (including App and book purchases), it remains to be seen whether their 7” tablet is a profitable venture. If the KF is making Amazon bleed, then it might go away, in which case there is no ‘flank’ to support. I realise, lots of ‘ifs’. Still, I remain a sceptic, not on whether or not Apple will release a 7” tablet - not the first time Apple have reversed course - but that it is needed in order to sustain market dominance or even substantial consumer demand - and be profitable. We shouldn’t have long to wait for answers.
