Columnist: Safari Security Fails to Learn from Past
Columnist: Safari Security Fails to Learn from Past
by , 2:50 PM EDT, July 8th, 2008
Three mistakes in the security design of Safari show that Apple has failed to learn from past mistakes, according to a guest editorial at ZDNet by a security team leader, Aviv Raff.
The mistakes Apple has made were compared to the ways other browsers and OSes handle the issues:
- Automatic file downloading, aka, carpet bombing.
- Browser fuzzing.
- Predictable locations for cache and cookies.
"In conclusion, before porting the Safari browser from Mac to Windows, Apple should have looked at past browser vulnerabilities and design flaws, and really try to avoid them," Mr. Raff, a security team leader for a Fortune 500 company, said. "The examples above show that Apple didn?t learn anything from past mistakes."
What Mr, Raff failed to point out is that no known, in the wild, exploits have been traced to these issues. Even so, a healthy discussion about ways to improve security is always good, especially when it helps keep one step ahead of the bad guys.
Recent TMO Headlines - Updated December 7th
- Wed, 4:49 PM
- Apple Announces Powerful New User and Data Security Features
- Wed, 4:43 PM
- Apple Delivers New Wave of OS Release Candidates
- Wed, 3:30 PM
- French Group Files Complaint Against Apple Over Device Repairability
- Wed, 1:14 PM
- Travelin' Tim Talks TSMC
- Wed, 12:34 PM
- 'Disney Dreamlight Valley' Arrives for Apple Mac Sillicon Users
- Wed, 12:26 PM
- Two Women Sue Apple for Illegal AirTag Tracking Incidents
- Wed, 12:17 PM
- Apple Wins Patent Battle Against AliveCor Over Heart Rate Monitoring
- Wed, 11:51 AM
- Apple TV+ Lands 10 Nominations at 28th Annual Critics Choice Awards
- Wed, 3:00 AM
- Pricing Tools for Developers and Things We Didn't See Coming - TMO Daily Observations 2022-12-07
- Tue, 5:06 PM
- Apple CEO Tim Cook Says Chips Can Soon Be Stamped ‘Made in America’
- Tue, 4:49 PM
- Microsoft Looking Into 'Super App' to Directly Compete with Apple and Google in Search Engine Markets
- Tue, 4:04 PM
- Get Your Crunchyroll Anime Fix on Your Mac