You’ll recall that in a previous posting I wrote about three flaws in the Apple Safari web browser. I took Apple to task for not fixing all three flaws, which earned me the wrath of the Apple fanboi community (just look at the comments in that posting). Well it seems that others feel the same way that I do. Stopthebadware.org and zdnet have postings that contend that these issues should be fixed now. In the case of Stopthebadware.org, Laureli Mallek contends:
“Assuming Nitesh’s analysis is accurate, “unwanted downloads,” as Apple calls them, represent a serious security threat to users, who can be easily tricked into executing a malicious file. StopBadware.org believes that users should have control over software being downloaded to their computers, and we encourage Apple to reconsider its stance and treat this as the security issue that it is.”
And in the case of ZDNet, Ryan Naraine says:
“Think about it: A combo-attack where Dhanjani’s Safari vulnerability is used to drop a nasty executable on your desktop and another (known or unknown) vulnerability used to run it. Instant drive-by malware installation!”
Apple wants to play the security card by claiming that they are more secure than Windows. If they want to do that, they have to address issues like this when they appear as opposed to brushing them off as non-issues. I think part of the problem is that the Apple crowd have this impression that they are immune to the attacks that plague Windows users. The fact is that as the number of Apple users grows, the number of attacks that target the Apple platform will grow as well.
So Apple, do the right thing and fix these issues now.
In the meantime, I’ll continue to use Firefox.
Like this:
Like Loading...
Related
This entry was posted on May 30, 2008 at 9:16 am and is filed under Commentary, Security with tags Apple, Safari, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Safari “Carpet Bombing” Flaw Is Potentially Serious Says ZDNet And Stopthebadware.org
You’ll recall that in a previous posting I wrote about three flaws in the Apple Safari web browser. I took Apple to task for not fixing all three flaws, which earned me the wrath of the Apple fanboi community (just look at the comments in that posting). Well it seems that others feel the same way that I do. Stopthebadware.org and zdnet have postings that contend that these issues should be fixed now. In the case of Stopthebadware.org, Laureli Mallek contends:
“Assuming Nitesh’s analysis is accurate, “unwanted downloads,” as Apple calls them, represent a serious security threat to users, who can be easily tricked into executing a malicious file. StopBadware.org believes that users should have control over software being downloaded to their computers, and we encourage Apple to reconsider its stance and treat this as the security issue that it is.”
And in the case of ZDNet, Ryan Naraine says:
“Think about it: A combo-attack where Dhanjani’s Safari vulnerability is used to drop a nasty executable on your desktop and another (known or unknown) vulnerability used to run it. Instant drive-by malware installation!”
Apple wants to play the security card by claiming that they are more secure than Windows. If they want to do that, they have to address issues like this when they appear as opposed to brushing them off as non-issues. I think part of the problem is that the Apple crowd have this impression that they are immune to the attacks that plague Windows users. The fact is that as the number of Apple users grows, the number of attacks that target the Apple platform will grow as well.
So Apple, do the right thing and fix these issues now.
In the meantime, I’ll continue to use Firefox.
Share this:
Like this:
Related
This entry was posted on May 30, 2008 at 9:16 am and is filed under Commentary, Security with tags Apple, Safari, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.