1. Welcome to the new MacRumors forums. See our announcement and read our FAQ

Apple Offers Clarification on Mobile Safari Anti-Phishing Feature

Discussion in 'iOS Blog Discussion' started by MacRumors, Sep 12, 2009.

  1. macrumors bot



    Last week, some questions were raised about apparent inconsistencies in the way that Safari on the iPhone and iPod touch was employing a new anti-phishing feature added in iPhone OS 3.1.

    The Loop spoke with Apple about the issue, and learned that the anti-phishing database is updated on a user's iPhone via the charging/syncing process in order to preserve battery performance and prevent hidden data usage on cellular networks.
    The report notes that the entire anti-phishing update must be downloaded in order a user to be protected, which likely explains much of the inconsistent behavior seen in early tests of the feature.

    Article Link: Apple Offers Clarification on Mobile Safari Anti-Phishing Feature
  2. macrumors 6502a

    Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_1 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7C144 Safari/528.16)

    So how does an iPhone user check that it's running with the latest version of this system?
  3. macrumors 6502a

    And i think it would have been useful for Apple to have documented this behaviour from the beginning.
  4. Administrator

    Doctor Q

    Staff Member

    It's nice to have the technical explanation since the reports of inconsistent behavior didn't seem to make much sense.
  5. macrumors 6502

    What else is being downloaded??? This is ridiculous.
  6. macrumors 6502

    They (of course) don't. The lesson is to sync your phone regularly, which the majority of users are most likely doing already.
  7. macrumors member

    You don't even have to sync the phone, you just have to configure it for your wireless network and charge it with the AC adapter.

    I always thought my iPhone was resting when it's cradled in its little dock but nooo, its preparing itself for the dangers of tomorrow !
  8. macrumors 6502a

    Sounds like a sensible solution to me. People always complain about new features. I don't think phishing results need to be updated every minute, and so this background updating makes a lot of sense. After a day or so, everyone will be protected.
  9. macrumors 6502a


    This is the most ridiculous way of installing a program that I have EVER heard...
  10. macrumors 6502a

    nope... I hardly every sync my phone with my laptop/desktop.... Mobile me does all the syncing I care about on a regular basis. Once I have my 32Gb or Music on the iphone I really don't need to change it that often.

    It'll be lucky if I sync it once every 2 months.
  11. macrumors 6502


    It implies, well actually states, you must launch Safari whilst charging and turn the screen off...

    Yes I charge on AC or via iMac but I DON'T launch Safari before doing this.
  12. macrumors 6502a


    Exactly. Who launches Safari when they go to charge their phone? And why assume people leave wifi on 24/7? So confusing...
  13. macrumors 6502

    Given that Safari runs as a background service, it could be that as long as you have launched Safari once, having turned the iPhone on (therefore starting the Safari process) you can charge the iPhone on the home screen and it would still update.

    If Wi-Fi is turned on and the iPhone is charging off the mains or PC/Mac, instead of conserving battery life and turning the Wi-Fi off after a certain period, the Wi-Fi will stay on indefinitely.

    There is no need to sync with iTunes - the article does not mention syncing at all
  14. macrumors 6502

    I'm sorry- I'm not sure I understand this- why couldn't this information be part of the 3.1 update itself, and updates to the anti-phishing feature come with other security updates?
  15. macrumors Nehalem


    Yeah, I never thought to actually launch safari after I began charging.
    I have wIfi on 24/7. I think many more do too.

    I don't know but if this is how it is then okay.
  16. macrumors 6502

    Given that Google adds around 50,000 entries per month (http://googleonlinesecurity.blogspot.com/2009/08/malware-statistics-update.html) that would either involve daily updates through iTunes or few updates and being unprotected for long stretches of time
  17. macrumors 6502

    As I said, I'm pretty sure that once you've launched Safari once, it will remain running in the background (along with Mail) until the phone is turned off/reset. Apple wouldn't require users to leave Safari on the screen while charging, and if they did, they would definitely tell people.
  18. macrumors member

    All of which means that Apple needs to do a better job of communicating these things to users in the first place.
  19. macrumors 6502


    I think everyone needs to settle down here. I believe people are reading this wrong (and rightfully so). But after talking to several developers who work with WebKit, the iPhone OS and understand the this particular Safari phishing issue, this is what is happening: In the new OS, when the user charges his or her iPhone (and I think we all can agree, EVERYONE has to charge their iPhone at one point or another - nothing about syncing whatsoever) the "process" described here begins. I think what Bill Evans was trying to say is that the PROCESS should happen automatically NOT that the user should follow all of these steps to achieve this process ("For most users this process should happen automatically when they charge their phone."). Safari on the iPhone almost always runs in the background, unless too many apps or resources are needed. This is how it keeps your pages loaded even when you close and reopen it. This same principle applies to iPod and Mail. I think what he was trying to say is that TO BE SURE this process is happening, ". . . the user should launch Safari, connect to a Wi-Fi, etc. . . ." but in all fairness a user does not really need to do this. Just charge it, the process will begin automatically.

  20. macrumors member


    after completing this ridiculous method of installation, i tested my iphone after 2 minutes of being plugged in with safari open screen off wifi on. it does work!

    test on tinyurl.com/ratju4
  21. macrumors 6502

    It's not a ridiculous method of installation! The whole point is you don't have to do anything. It's AUTOMATIC and it's the best method I can think of of keeping the database up-to-date without requiring the user to do anything or using cellular data which could be expensive if you're roaming. If you have any better suggestions, let's hear them
  22. macrumors member


    how about any time you are connected to wifi.
    its not automatic you have to open safari and then charge it. personally i use an ihome to charge so that doesnt work for me.
    Apple should have made it more clear on how to activate this feature.
  23. macrumors 6502

    No. You haven't read what was said above. Safari is one of a few Apple apps on the iPhone that runs in the background. That means it is running constantly, even when you're playing with another app or looking at your email. It is a constantly running process, just like how the iPod can play music when you're reading emails or playing an app.

    The user doesn't have to launch Safari because it is always running. Do you have Wi-Fi at home? Because if so, the iPhone will be connected to your Wi-Fi when it's charging, from an iHome, Mac, PC or mains charger, so long as you haven't disabled Wi-Fi. It will then update by itself.

    As a user, all you have to do is not disable Wi-Fi. That's it. At some point you'll have to charge it, and when you do, it will update itself. No launching of any apps, no iTunes syncing.
  24. macrumors member

    ridiculous that they are offering this protection, or ridiculous that you actually have to do something? People complain about the the most asinine of stuff.

    Get a Pre
  25. macrumors regular

    wait, so if I'm reading you correctly, you're actually complaining that Apple has provided you with the option of automatically downloading/syncing updates to your device that will make it more secure (at no extra cost to you, I might add)... exactly what about this justifies your calling it "ridiculous"?

    I'll admit, I'd still like to be aware of what processes occur during a routine sync (aside from managing music/other content), but I can hardly imagine Apple downloading/syncing anything to your device that wouldn't have the security of your device and your best interests in mind... so for your sake, please take a chill pill and try not to make such a big deal out of nothing.

Share This Page