Archive for the ‘Browser’ Category

Safari Not Looking So Good A Week later

June 19, 2007

Compiler benchmarked Safari against Internet Explorer 7 and Firefox2, and the results didn’t look great for the Apple browser. Safari wound up in last place opening a message in Gmail, last place logging into Gmail, and two seconds slower than Firefox in Google Calendar.

If you didn’t like Safari’s blurry fonts, you’ll hate when it spits out gobbledygook because you have different language settings than English. Take a look at the messed up screenshot Amit Agarwal took, and fixing the damn thing isn’t fun or sometimes easy.  Apple released the first patch for Safari, upping it to version 3.0.1, fixing security vulnerabilities that have already popped up in the browser.

More

Safari 3.0 Install Snafu Cripples Some Macs

June 15, 2007

“Some Mac users who have tried the three-day-old Safari 3.0 browser beta are hopping mad at Apple Inc. because several notable applications won’t work after installing the application.Numerous postings on Apple’s user-to-user support forum recounted various misfortunes when they installed the Safari preview — or tried to. Only hours after Safari 3.0’s launch, a user identified as max said, “Just downloaded it, but while installing the installer crashed. [N]ow my old safari is gone and the installer app does no longer work!”

Others quickly jumped in. “Same problem here,” said Senne. “Installer crashed, can’t launch any Cocoa app. iTunes, Coda, Adium, etc…all fail to launch.” Others jumped in to say that they’d had the same thing happen to them. Cocoa is Apple’s object-oriented development platform.”

More

Safari For Windows, 0day Exploit In 2 Hours

June 12, 2007

“Apple released version 3 of their popular Safari web browser today, with the added twist of offering both an OS X and a Windows version. Given that Apple has had a lousy track record with security on OS X, in addition to a hostile attitude towards security researchers, a lot of people are expecting to see quite a number of vulnerabilities targeted towards this new Windows browser.I downloaded and installed Safari for Windows 2 hours ago, when I started writing this, and I now have a fully functional command execution vulnerability, triggered without user interaction simply by visiting a web site. I will not sell this one to ZDI or iDefense but instead release it here, as I have done lately with a number of 0day vulnerabilities. This place is where you get my latest research )

A bunch of other security researchers such as David Maynor and Aviv Raff have been pounding safariWin with their fuzzing tools, going through thousands upon thousands of test pages in the hopes of triggering some form of memory corruption for potential exploitation. I am a big fan of fuzzing and believe it can produce some tremendous results, but sometimes good old fashioned application specific knowledge can get you far.”

More

Green is good

February 7, 2007

Users of Microsoft Corp.’s latest Web browser can start looking for the address bar to turn green while shopping or banking.

The security feature in Internet Explorer 7 is activated when sites have what’s known as an extended-validation certificate. That’s given out to merchants that have undergone and passed screening that is more rigorous than what is normally required to obtain regular certificates, which trigger a closed padlock on the browser familiar to many online shoppers.

But lack of a green bar shouldn’t be interpreted as a sign a merchant is fraudulent.”

Full Story