If autofill isn't enabled, then your browser wont remember what you have entered into a form filed.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Safari Autofill Security Issue Permits Access to Personal Information
- Thread starter MacRumors
- Start date
- Sort by reaction score
If autofill isn't enabled, then your browser wont remember what you have entered into a form filed.
My banking site does not work fully with either FF or Safari. Unfortunately, when I saved files of the transactions using Windows XP, that was not satisfactory either. Screenshots while using either FF or Safari on my Mac are my safeguards, although I will not be able to copy text as with a pdf. As far as I know, XP does not do screenshots or pdf. If anyone knows alternatives, post them please.
My Address Book has only 2 cards, Apple Inc. and my own info. When I first set up this Mac while it was yet new, I had a keyboard protective skin in place. Keys require a more forceful push to be selected, and a double L turned out to be single. The first time autofill completed my info in an on-line purchase, my address was incorrect due to that single L. It was corrected right away, and having autofill is extremely helpful. Some sites require my entering the first character in a field before the field is completed.
I have not received any spam addressed to me. I have received e-mail / spam addressed to my daughter even though her personal info is not in my Address Book.
Are you sure that there are no ways to hide the textfields? Can't you have some pop-over animation or can't you set the text colour to white?
Old news, I've been using this exploit to con my friends for ages now. I first figured it out when safari would autofill information in places where it shouldn't have been autofilled.
Is this really the first time that anyone realized this could be done?
Is this really the first time that anyone realized this could be done?
Touché. I just tested and there are indeed there are alternative ways to hide the fields and still (ab)use this functionality. So that only leaves the speed; half a second per letter to find the right answer (so people whose email-address starts with an A are more vulnerable than those starting with an X
).Yeah, both my iMac and my MBP are synced with Google, and are otherwise configured exactly the same (unless I'm missing something). But on my MBP it also seems to work, but not on my iMac.
I wonder if this is some bizarre fluke, or that this means there's a way around this "hack" with disabling auto-fill.
True. They are first-party software. The third-party reference should probably have been clarified as referring to software from vendors like Adobe and Sun who were mentioned later. Of course, if you know what third-party means, you can probably figure that out for yourself.
False. Safari, QuickTime, and iTunes are not in the operating system. They are software packages like any other. Just like Final Cut Pro, or any number of other pieces of software produced by Apple and others.
True. However, the fact that software ships on the same disc as the OS doesn't make that software part of the OS. XCode, for example, is certainly not part of the OS. Neither are Safari, QuickTime, or iTunes.
All in all, I'll give you 2 out of 3, but I'm afraid I'll have to round down because you clearly don't understand what distinguishes an operating system from an application. Better luck next time.
Long as Jobs denies it..
it doesnt exist. Typical Apple.
Congratulations, Apple! You made me stay on FireFox forever!
it doesnt exist. Typical Apple.
Congratulations, Apple! You made me stay on FireFox forever!
Long as Jobs denies it..
it doesnt exist. Typical Apple.
Congratulations, Apple! You made me stay on FireFox forever!
+1 Steve Jobs is a snakeoil salesman.