http://www.macbytes.com/images/bytessig.gif (http://www.macbytes.com)

Category: News and Press Releases
Link: Consumer group urges, 'Mac users, dump Safari' (http://www.macbytes.com/link.php?sid=20080805110008)
Description:: none

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

Webkit is actually much web compliant; I'm surprised Safari is still lagging behind.

camino ftw

im one of those rare people that love safari... hate firefox... and ie is just crap!

Im a freelance website designer in my spare time! (not one of the crappy ones that design sites using frontpage... proper stuff for lots of money :D )

Unless your an idiot you have nothing to fear from Safari.

Any user that provides secure information based on a phishing attack deserves what they get.

Today everyone is looking for someone else to protect them from risk instead of being responsible for there own actions. You must minimize your own risks by being informed and adhering to safe and common sense web surfing practices.

I Love Safari! Anyone with half a brain can tell the difference between a legitimate site and a fake one. If it doesn't have webaddress.com, then it is not legit. Consumer groups are designed to molly coddle the idiots of the world. So if you are an idiot, the don't use Safari.

TEG

Webkit is actually much web compliant; I'm surprised Safari is still lagging behind.Layout engines generally stay ahead of browsers.

And I'm staying with Safari, because I'm responsible and I look out for threats, so I don't have much to fear.

Consumer Reports is very good at testing cars for safety and comparing features versus price, but they can be a little clueless about some other things. If a product doesn't have something you can tick off in a checkbox, they tend to think the product isn't as good, regardless of other factors.

Phishing is something that should be a common sense avoidance, not something you need an anti-phishing tool for in the browser. Don't click on a link from a supposed bank or credit card company in an email, simple as that. That will even avoid the ones the anti-phishing tool doesn't catch ;)

Unless your an idiot you have nothing to fear from Safari.

Any user that provides secure information based on a phishing attack deserves what they get.

Today everyone is looking for someone else to protect them from risk instead of being responsible for there own actions. You must minimize your own risks by being informed and adhering to safe and common sense web surfing practices.

I couldn't agree more strongly(or maybe I could).

I suppose Consumer Reports will tell us we shouldn't open our emails either. Never had a phishing scam in an email. What a said attempt at trying to stay viable!

ow much is software developers responsibility to implement protection tools and how much is user responsibility to watch out for sites that maybe dangarous?

What are people thinking?

I get emails all the time claiming that there was a possible breach on my online banking account, and that I should follow the link to input my username/password to confirm my identity. I have a difficult time beleiving that my bank would send me an email instead of a phone call if they suspected there was a breach of my account and my username/password alone would not be enough to prove my identity.

The first time it happened I called my bank; and was informed that there was a scam going around, and that my suspicious on how the bank would go about dealing with such a situation if it occurred were correct and to give them the email address claiming to be from the bank.

But perhaps I'm giving to much credit to the general computer user. Maybe the average "mom and pop" need to have their hands held when crossing the "information super-highway".

:)

Some people will always fall for scams. It just happens. They'll always build a better idiot. Instead of urging to dump safari they should just make their point and let the consumer decide.

how much is software developers responsibility to implement protection tools and how much is user responsibility to watch out for sites that maybe dangarous?

Most of the broad spectrum phishing right now is pretty obvious, yeah, but one rising problem for instance is targeted phishing. In the targeted model, much more effort is put into making the bait appear real. For instance, targeted phishers will use public internet resources to find information about you such as your address, business affiliation, title, that make their e-mail seem legitimate. Right now, targeted phishing is a problem in relatively small sectors, but it does happen, and it's been a rapidly increasing aspect of the overall problem. Granted that some of the people who get caught by it are brilliant (managers and execs at big companies, IT users at top tier universities, etc) but computer ignorant, but still, it has a net impact on the overall system -- you may not respond to a phishing attack, but your company still pays for the person in the next seat who does.

I think at least simple things like a plugin that checks sites against a suspect list are important. Checking a website for using unicode to provide a misleading looking URL is important too, although I think Safari already does this?

Some people will always fall for scams. It just happens. They'll always build a better idiot. Instead of urging to dump safari they should just make their point and let the consumer decide.

It's true

I urge those that post about this topic to refrain from using "common-sense" as an argument.

I spent a good portion of my early academic years studying the notion of "common-sense" and will always echo Voltaire that "common sense is not so common"

Volumes have been written on it's existence; with the prevailing conclusion being that which is common is a set of structures and understanding held by a group with similar experiences and knowledge.

Perhaps the use of the internet should come with a licensing agreement - one that is based on your ability to learn basic concepts that will develop the necessary critical thinking skills to avoid scam situations.

Just imagine - when you sign up with your ISP of choice, you are presented with a learning module and a test at the end that will only allow you to access the internet if complete.

Where are the consumer groups that tell people to dump Internet Explorer? It gets old hearing people bash Apple but give Microsoft a free run.

I Love Safari! Anyone with half a brain can tell the difference between a legitimate site and a fake one. If it doesn't have webaddress.com, then it is not legit. Consumer groups are designed to molly coddle the idiots of the world. So if you are an idiot, the don't use Safari.

TEG

Maybe if you have only half a brain you can arrogantly assume that phishing is always easy to spot and will only snag idiots.

If you use both halves of your brain, you just might do some research on some of the more sophisticated phishing techniques ( and DNS spoofing).

IMHO, safe surfing requires using the best available anti phishing and anti fraud tools. To insult people because you prefer to go commando is, at the very least, narrow-minded. Good luck.

....
I get emails all the time claiming that there was a possible breach on my online banking account, and that I should follow the link to input my username/password to confirm my identity. I have a difficult time beleiving that my bank would send me an email instead of a phone call if they suspected there was a breach of my account and my username/password alone would not be enough to prove my identity.
....

:)

I've learned that the banks I deal with have an email account called "phishing@bankname.com" (obviously you would put your bank name in instead). I just forward any phishing attempts to it. Ironically, I'll get the forwarded email bounced back to me because one of the servers decides I've sent something I shouldn't have. In other words, the server lets the bad email in to me, but won't let me send it out to the people who would actually like to see it.

I feel that if everyone forwarded all the phishing attempts to the banks, then they might have enough info to prosecute a few more people.

Cheers

People need to not be stupid and understand whats real and fake. I use Safari instead of FireFox because Safari has a better layout and style. People should know whats a fake email and website...I learned that the hardway in 2004 through an eBay/PayPal spoof. If it looks weird and is asking for a lot of information, dont do it. I dont need something to alert me if a website is fake, you should know automatically.

Unless your an idiot you have nothing to fear from Safari.
now thats a convenient statement, you don't need to take responsibility or loss, and you don't need to define "idiot". Its easy to just call those who got hurt "idiots" afterward. And that helps who? how?
People need to not be stupid and understand whats real and fake.

NO, what happened is the balance of people's ability to tell the fake, and the real-ness of the fake webites. You can improve as much as you want, fake websites are improving too.

Rather than attacking those who fell in the trap "stupid", how about do something easy and nice? "put in a phishing filter"?

Blindly defense of anything apple is the biggest enemy of Apple.
Where are the consumer groups that tell people to dump Internet Explorer? It gets old hearing people bash Apple but give Microsoft a free run.
1. consumer report didn't recommend IE, and this is a recommendation for mac users. What does IE have anything to do with mac users? Or you just can't help?

2. IE actually has anti-phishing filters. Granted, It has other problems to worry about.

Safari user urges, "dump consumer group".

Seriously, the problem with relying on technology to protect you is what happens when (not if) that protection is compromised? I'll tell you what: you blindly think "the browser says it's OK so it must be OK" and then you get scammed, that's what.

--Eric

I'm a recent switcher, and one of the main reasons I switched was that the security on Apple machines was supposed to be pretty good. A BBC survey pointed out that around 90% of people did not have proper anti-spam/anti virus protection - and of many of those who did, quite a few downloaded the free online versions which were not as vigorous as the versions wich one had to pay for.

For my part, when I lived in the world of Windows, I actually purchased the most robust anti-virus, anti-spam package I could find, and while it did reduce the daily deluge to a moderate wave, it never managed to eliminate unwelcome visitors completely. My lovely new Apple MBP does not eliminate them completely either, but these days, I am delighted to report that very very few manage to sneak under the radar.

So, yes, there is an argument to be made for taking responsibility for one's own internet security. However, I'd also argue that this whole world is so new, that for a great many people the challenges of successfully adapting are simply unrecognisable. They just don't recognise the nature of the danger. Or that there might even be danger. It is difficult to see that danger or fraud might occur when you are seated in the safety, comfort, and security your living room or study, or even school and work. By and large, these are places where people tend to feel psychologically secure, and personally safe, and are therefore slow, not only to recognise online danger, but to sense it, or even think that it might exist.

This makes consumer groups vitally necessary, both for information provision and enforcement of regulations; besides, which, some older people especially, need a bit of hand-holding when they start embark upon journeying to the online world. Youngsters, do, too, because I'd further argue that they often think the online world is safe, just because their bedroom/study is physically secure.

An awful lot of political/economic/civil rights that we know and enjoy in the western world have been created, or have evolved, in the messy grey area where the "public" and the "private" spaces intersect; one might argue that the modern version of these rights grew out these struggles between monarchs, churches and merchants in the cities and city states, of say, medieval western Europe. Control over actual access, degree of access and rights of access, to both public and private space were central to the development of modern western civil, economic and political rights. However, it took centuries and there are places where such matters are still contested.

With the advent of this new technology of the internet, there is a new conception of space, the virtual, but instead of approaching it as one would access to the public space, most of us treat it instead as though it was part of the private space, and therein lies a major element of the problem. Virtual space means new psychological adjustments, but the speed and universal nature of the change has meant that most of us have not fully made those adjustments in our minds. Public and private we can grasp, but where is virtual? Where are the borders, limits, and personal boundaries?

It is too easy to disparage those who have left themselves open to online ambushes. Referring to "idiots" and suggesting tests for internet users is not really the way forward. How can individuals be expected to take it at all seriously, when their employers, governments, businesses, and academic institutions do not? And let us not forget banks - notorious for breath-taking carelessness and monumental disregard for the security of personal records of their customers?
Cheers