Columnist: Safari Security Fails to Learn from Past
Columnist: Safari Security Fails to Learn from Past
by , 2:50 PM EDT, July 8th, 2008
Three mistakes in the security design of Safari show that Apple has failed to learn from past mistakes, according to a guest editorial at ZDNet by a security team leader, Aviv Raff.
The mistakes Apple has made were compared to the ways other browsers and OSes handle the issues:
- Automatic file downloading, aka, carpet bombing.
- Browser fuzzing.
- Predictable locations for cache and cookies.
"In conclusion, before porting the Safari browser from Mac to Windows, Apple should have looked at past browser vulnerabilities and design flaws, and really try to avoid them," Mr. Raff, a security team leader for a Fortune 500 company, said. "The examples above show that Apple didn?t learn anything from past mistakes."
What Mr, Raff failed to point out is that no known, in the wild, exploits have been traced to these issues. Even so, a healthy discussion about ways to improve security is always good, especially when it helps keep one step ahead of the bad guys.
Recent TMO Headlines - Updated April 7th
- Mon, 5:39 PM
- Writer and Raconteur Bob 'Dr. Mac' LeVitus (#2) - TMO BGM Interview
- Mon, 3:59 PM
- New York Times Joins Apps Using Sign in With Apple
- Mon, 3:32 PM
- Kindle vs Apple Books on iPad Mini
- Mon, 2:59 PM
- Russia Implicated in BGP Hijacking Incident This Week
- Mon, 2:14 PM
- Totallee Launches UV Phone Sanitizer
- Mon, 1:56 PM
- Store, Secure & Share Passwords/Logins Across Your Team with Zero-Knowledge Encryption: $29.99
- Mon, 1:56 PM
- Quibi Streaming Service Launches in the U.S.
- Mon, 1:53 PM
- New Listening Habits, Apple TV+ on Apple TV Apps – TMO Daily Observations 2020-04-06
- Mon, 1:28 PM
- Here Are The Apps That Support Sign in With Apple (Update)
- Mon, 11:42 AM
- Apple Acquires Irish AI Startup ‘Voysis’
- Mon, 11:39 AM
- Latest Version of macOS Catalina Causing System Crashes For Some Users
- Mon, 9:08 AM
- Behind the Scenes of 'Amazing Stories' on Apple TV+
