The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Columnist: Safari Security Fails to Learn from Past

Columnist: Safari Security Fails to Learn from Past

by , 2:50 PM EDT, July 8th, 2008

Three mistakes in the security design of Safari show that Apple has failed to learn from past mistakes, according to a guest editorial at ZDNet by a security team leader, Aviv Raff.

The mistakes Apple has made were compared to the ways other browsers and OSes handle the issues:

  1. Automatic file downloading, aka, carpet bombing.
  2. Browser fuzzing.
  3. Predictable locations for cache and cookies.

"In conclusion, before porting the Safari browser from Mac to Windows, Apple should have looked at past browser vulnerabilities and design flaws, and really try to avoid them," Mr. Raff, a security team leader for a Fortune 500 company, said. "The examples above show that Apple didn?t learn anything from past mistakes."

What Mr, Raff failed to point out is that no known, in the wild, exploits have been traced to these issues. Even so, a healthy discussion about ways to improve security is always good, especially when it helps keep one step ahead of the bad guys.

Recent TMO Headlines - Updated April 7th

Mon, 5:39 PM
Writer and Raconteur Bob 'Dr. Mac' LeVitus (#2) - TMO BGM Interview
Mon, 3:59 PM
New York Times Joins Apps Using Sign in With Apple
Mon, 3:32 PM
Kindle vs Apple Books on iPad Mini
Mon, 2:59 PM
Russia Implicated in BGP Hijacking Incident This Week
Mon, 2:14 PM
Totallee Launches UV Phone Sanitizer
Mon, 1:56 PM
Store, Secure & Share Passwords/Logins Across Your Team with Zero-Knowledge Encryption: $29.99
Mon, 1:56 PM
Quibi Streaming Service Launches in the U.S.
Mon, 1:53 PM
New Listening Habits, Apple TV+ on Apple TV Apps – TMO Daily Observations 2020-04-06
Mon, 1:28 PM
Here Are The Apps That Support Sign in With Apple (Update)
Mon, 11:42 AM
Apple Acquires Irish AI Startup ‘Voysis’
Mon, 11:39 AM
Latest Version of macOS Catalina Causing System Crashes For Some Users
Mon, 9:08 AM
Behind the Scenes of 'Amazing Stories' on Apple TV+
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Daily Observations
  • TMO on Twitter!