Apple released a public beta of Safari 3 for Windows XP and Vista on Monday, and it didnit take long for people to find problems with it. Not long after that, people were calling Apple to task for releasing beta software is that, exhibited problems rendering along with potential security related issues.
So far, most of the complaints relate to security issues. Security researcher Aviv Raff found a potential security flaw right away. He commented "A first glance at the debugger showed me that this memory corruption might be exploitable. Although, Iill have to dig more to be sure of that. Again, this is just a beta version.. But, donit you hate those pathetic claims?"
David Maynor, another researcher, was able to produce a memory corruption error. "Iid like to note that we found a total of 6 bugs in an afternoon, 4 DoS and 2 remote code execution bugs," he said.
Security researcher Thor Larholm found what he called a "zero day exploit" within a couple of hours. He said "I downloaded and installed Safari for Windows 2 hours ago, when I started writing this, and I now have a fully functional command execution vulnerability, triggered without user interaction simply by visiting a web site."
Of course, finding flaws like these now is preferable to finding them after Apple releases the final version of Safari 3 for Windows. The problem is that while researchers sift through Safari looking for bugs and security holes, some users have forgotten that "beta" means the software is still in development, and issues are bound to crop up.
Blogger News Network offered a typical reaction to Safari 3 for Windows beta. Nancy Reyes wrote "Living here in the Philippines, we get ivirusi infections all the time on our computer. So I was happy to hear that yesterday, Apple Corporation released a new webbrowser for windows systems [sic]. Ah, wonderful. Maybe this one will keep my computer from getting sick."
Relying on applications that are still clearly in a development and testing phase is likely to reveal problems ranging from stability and performance issues, and leading all the way to security related flaws. Publicly available beta software is so common now that many people seem to have forgotten beta doesnit mean "finished and ready for every day use."