Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Releases Safari 3.2 with Improved Security, Anti-Phishing

Winni said:
Over the last weeks, I became more and more disappointed with Safari. Too many websites don't really work with it. Try selling something on eBay with Safari, for example, or homebanking with certain banks. Several corporate pages that I had to use professionally also did not work with Safari.
Click to expand...

So here is an example of 'your mileage may vary'

I use Safari all day, every day with no issues on either eBay, my home banking or indeed most other sites.

However, I do have a problem when I try to access the embedded webserver in my companies appliances using Safari. Coincidentally I also have problems with Firefox but in different pages of that same server.

So, I use Camino when I access the appliances, Safari for EVERYTHING else. Firefox is good, but its no better than IE or indeed Safari (In my Humble Opinion). Each has its benefits, each has its drawbacks, none is perfect.

It's just specious to claim your favourite browser is better than your least favourite browser. I accept that no one tool will do all jobs.
 
I wish there was a way I could get Safari to remember my passwords like Firefox 3 does. And to open windows in tabs all the time. Safari rarely does that even though I checked to in the preferences.
 
glassmen07 said:
I wish there was a way I could get Safari to remember my passwords like Firefox 3 does. And to open windows in tabs all the time. Safari rarely does that even though I checked to in the preferences.
Click to expand...

Saft will give you that (although it hasn't been updated to work with Safari 3.2 yet).

Correction: Saft has now been updated!
 
Safari 4

I'm not sure if someone else has come across this problem or if it's been addressed, but i had the developer preview for Safari 4 installed, however i tried to install Safari 3.2 and it said it couldn't install it as i had a newer version installed, so i deleted Safari 4 with Appzapper and installed Safari 3 from my install disc and tried again, however it still says the same error message. Can anyone help?
 
Winni said:
Firefox is open source and developers don't have to rely on assumptions to make their code work.
Click to expand...
Considering Firefox releases do break some extensions as well means, yes, developers do make some assumptions. Open source or not...

hectors92 said:
I'm not sure if someone else has come across this problem or if it's been addressed, but i had the developer preview for Safari 4 installed, however i tried to install Safari 3.2 and it said it couldn't install it as i had a newer version installed, so i deleted Safari 4 with Appzapper and installed Safari 3 from my install disc and tried again, however it still says the same error message. Can anyone help?
Click to expand...
There might be a Safari related file in /Library/Receipts folder that you need to delete.
 
FireFox 3 still wins. I think open source things like that will always be better because they HAVE to be in order to compete with things like Safari and IE.

Apple, you need to put more effort into it. Safari used to be my #1 browser, but now I'm not sure if I'll switch from FF.
 
darkyeffectt said:
These guys did a test with the new browser Safari 3.2 and verified that although security was improved, still remains a disaster.

http://applediario.com/2008/11/14/nueva-actualizacion-safari-32-es-mas-segura/
Click to expand...

This article doesn't appear to say anywhere that they tested it, it just talks about what the problems were before and says it hopes the update did a good job of fixing them. Did you give the wrong link maybe?

I think it's good Apple updated this, it was long overdue. For people who surf regularly and know what to look out for, it's probably not needed in most cases. But for people who aren't as web-savvy or for some phishing that is getting closer to the real thing, this will be helpful.
 
mr.steevo said:
Hi,

I wish Green wasn't used. I'm colour blind and can't see green (or red, or purple).

s.
Click to expand...

Should have no impact since color isn't the deciding factor. The huge message that appears in the center of the Web Page area shoud be obvious regardless of ability to see color. I'm red/green color blind myself.
 
Winni said:
There's a major difference between Firefox and Safari: Firefox is open source and developers don't have to rely on assumptions to make their code work.
Click to expand...

Sure they do. Relying on a documented behavior not changing is no less of an assumption than relying on an undocumented one, and carries the same costs (it either sometimes breaks on version changes, or limits the speed at which the product can progress).

I'm an open source developer myself, and one of the things I've been involved in is attempting to develop a stable plugin API for Adium. Aside from a few specific subsets (filter plugins, for example), we've been mostly unsuccessful; too many of our early attempts have had to be tossed aside in the name of fixing bugs and improving the code.
 
I'm holding out for 10.5.6 before rebooting. Safari isn't my main browser to begin with. I did run the update for the Windows version though.
 
Something I noticed when I checked my gMail account online, I got this in one of my e-mails: (Not sure if it's gMail or Safari).
 

Attachments

  • Picture 2.png
    Picture 2.png
    12.1 KB · Views: 228
boer said:
No. This is SSL Extended Validation. Go google it up.
Click to expand...

Thanks, I was unaware of that fact. But, if you click on the lock you can view the certificate to make sure that the site is, for example, the real paypal site or the real site for your bank. I always made sure to do so.

After reading about EV SSL certificates, it appears to me that entering your sensitive information into sites not of the type above (paypal and banks) is risky. All sorts of businesses can acquire an EV SSL certificate so those wishing to get such a certificate for fraudulent purposes just have to keep up a legitimate appearance long enough to get one.

Am I wrong?

So if certificate validation is not a great anti-phishing system and anti-phishing databases, such as phishtank, are even less reliable, the only true protection is to use your head.

Now Safari has both methods, which is good, but I am not going to overly rely on them for my safety knowing what I know now.
 
munkery said:
After reading about EV SSL certificates, it appears to me that entering your sensitive information into sites not of the type above (paypal and banks) is risky. All sorts of businesses can acquire an EV SSL certificate so those wishing to get such a certificate for fraudulent purposes just have to keep up a legitimate appearance long enough to get one.

Am I wrong?

So if certificate validation is not a great anti-phishing system and anti-phishing databases, such as phishtank, are even less reliable, the only true protection is to use your head.
Click to expand...

You are right. In the end this is not entirely a technical problem. One needs to be careful on the net. EV SSL is added functionality on top of SSL certificates we are used to. Basically the difference is that when SSL is used to verify the domain EV SSL helps to verify the organisation one is dealing with.
 
stuarthatto said:
...So, I use Camino when I access the appliances, Safari for EVERYTHING else. Firefox is good, but its no better than IE or indeed Safari (In my Humble Opinion). Each has its benefits, each has its drawbacks, none is perfect...
Click to expand...

Hold on mate... Don't push it... ;)

Firefox no better than IE... :eek:
Maybe no better than Safari but IE... jeez...
Somebody had serious issues with FF in the past... ;)
 
hectors92 said:
I'm not sure if someone else has come across this problem or if it's been addressed, but i had the developer preview for Safari 4 installed, however i tried to install Safari 3.2 and it said it couldn't install it as i had a newer version installed, so i deleted Safari 4 with Appzapper and installed Safari 3 from my install disc and tried again, however it still says the same error message. Can anyone help?
Click to expand...

I think Safari 4 comes with an uninstaller which you should use. If you can't find it, you probably need to remove the WebKit.framework located at /System/Library/Frameworks but make a backup just in case.
 
r.j.s said:
Does this mean there is phishing protection similar to FF's?

EDIT: I don't see any differences. Although in Preferences, there is an option to warn when visiting a fraudulent site, I just dont know how to test it.
Click to expand...

It filters using Google's blacklist like FF does. I actually found out that a webcomic I visit is actually on that blacklist because it was living on a shared host, and another site on the shared host was doing some bad things.
 
morespce54 said:
Hold on mate... Don't push it... ;)

Firefox no better than IE... :eek:
Maybe no better than Safari but IE... jeez...
Somebody had serious issues with FF in the past... ;)
Click to expand...

Yeah sorry - Perhaps some poetic license was used, I merely meant they were all much of a muchness, and no one browser really shines, despite all of their various fans.
 
Terrador said:
FireFox 3 still wins. I think open source things like that will always be better because they HAVE to be in order to compete with things like Safari and IE.

Apple, you need to put more effort into it. Safari used to be my #1 browser, but now I'm not sure if I'll switch from FF.
Click to expand...

Safari basically is open source. Check out Webkit if you want to know more about the project.

Firefox is a fairly bloated and doesn't integrate well with Mac OS X. If you like Gecko based browsers check out Camino it is better.

In terms of security, no browser has absolute protection from phishing sites. As of Safari 3.2, firefox and safari share the same level of protection.

Given that browsers other than safari have falsely allowed users to have a greater sense of security, Safari users were driven to learn more about phishing scams and how to protect oneself. Hopefully users of safari won't get complacent now that safari has the same anti-phishing systems as the others.
 
Mine crashes

I'm definitely faster since the update but Safari also crashes about every 15 minutes. Sometimes I'm not even using it. Crashed several times while I was in Mail reading my mail.
I'm ready to un-upgrade.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back