Chaszmyr
macrumors 601
Firefox has certainly had its share of vulnerabilities too. And I think if you'd investigate, you'd find that IE has had just about one security vulnerability for every line of code.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Safari Beta Security Slammed; 8 Vulnerabilities Found
- Thread starter yellow
- Start date
- Sort by reaction score
Firefox has certainly had its share of vulnerabilities too. And I think if you'd investigate, you'd find that IE has had just about one security vulnerability for every line of code.
Kenn Marks
macrumors regular
Like the Spaghetti Sauce, it's in there!!!
If you check out the Private Browsing tab of the Safari download page you will notice that all those things you mentioned in FF can be done automatically by turning on private browsing or manually by using the Reset Safari item in the Safari menu list. Hope this makes your new experience exceptional.
If you check out the Private Browsing tab of the Safari download page you will notice that all those things you mentioned in FF can be done automatically by turning on private browsing or manually by using the Reset Safari item in the Safari menu list. Hope this makes your new experience exceptional.
Its not a matter of not agreeing with it, its just wrong because it associates something which is not generally dangerous or disruptive - a bug which crashes a program - with something that is - a real DoS where your computer is not usable or a real virus, which deletes your files. This was done, IMO, not for sane logical reasons but just to extend the reach of the security companies and organizations. As I said previous I crash programs every day. Almost every program will crash. This is not, in and of itself, a security issue.
Mainyehc
macrumors 6502a
Not true. The uninstaller either includes the latest version of Safari 2, or backs it up to an unspecified location. I know this because I encountered an overly annoyng bug - both the close ("X") button and Cmd+W just wouldn't do their task 😱 - and had to uninstalled... As mentioned earlier, my favicons were also zapped, but Safari 2 runs as it should...
Yes to both counts.
All software that communicates or transfers data over the public internet has the capacity for security holes.
longofest
Editor emeritus
I can't believe I'm about to do this, but you're actually being a little unfair to Microsoft/IE. That was IE 6.x, which is no longer the latest version, AND that count was the total number of vulnerabilities found. 20 remain unpatched (17%). IE 7 on the other hand has 12 advisories, 7 of which remain unpatched.
Safari 1.x on the other hand has 15 vulnerabilities, 1 unpatched.
Safari 2.x has 6 advisories, 4 unpatched.
Secunia hasn't updated their page for the latest round of exploits.
All said and done, IE definitely has more vulnerabilities, no doubt about it, but its a bit unfair to still quote them at 115.
That's one of tens of posts all saying the same thing: This is Beta, so bugs are to be expected.
Well, yes, bugs are to be expected. But you don't understand the difference between a bug and a remotely exploitable security hole (forgivable since you're probably a mac user and don't generally have to worry much about those). How are people supposed to test software/report bugs if by using the software they are opening up their computer to a remote exploit? 🙄
Security issues should have been dealt with in alpha, especially in this day and age. I imagine it's not a happy day at Cupertino today.
eenu
macrumors 65816
JD92
macrumors 6502a
Alpha is usually the first release so yeah alphas are definitely likely to have pretty big problems, such as the ones seen here. Beta *usually* is when the feature set is frozen and the rest of the time is spent fixing bugs/UI stuff.
So yeah I would say this is beta, assuming all the features have been implemented.
Earendil
macrumors 68000
Yes.
Ask any software developer. As any IV&V team. Read the EULA or other warnings before installing. That is the entire point of beta software. It's not so you get your freeby before the real deal is released. It's not that volunteer workers make take a risk helping a developer make software the best it can be, before it is released to the general public. When you use beta software you run the very serious risk of losing everything.
Is this really as much of a foreign concept to most pepole as it seems? I (honestly, without sarcsm) didn't relize it was this far spread a problem in misinformation...
And?
1. Thank you for finding the bugs. Please report them to Apple to fix.
2. IT'S BETA -- STOP HAVING A HISSY FIT OVER IT.
1. Thank you for finding the bugs. Please report them to Apple to fix.
2. IT'S BETA -- STOP HAVING A HISSY FIT OVER IT.
MRU
macrumors Penryn
I think the point most have missed with the how high you can pee fighting contest going on is this.
Apple have created software for windows - to potentially increase it's market share and usher in future switchers.
If these future switchers experience, buggy, ineffective software from apple regardless if its the nature of the beast on windows, it will undoubtedly still put a few of those potential switchers off.
So regardless of how high you all can pee 😉 (mac/windows) this is still sad news.
Apple have created software for windows - to potentially increase it's market share and usher in future switchers.
If these future switchers experience, buggy, ineffective software from apple regardless if its the nature of the beast on windows, it will undoubtedly still put a few of those potential switchers off.
So regardless of how high you all can pee 😉 (mac/windows) this is still sad news.
longofest
Editor emeritus
I think it has to do with WebKit, which is updated in Beta3. Since WebKit is in the OS, only one version of Safari can operate at a time.
inkswamp
macrumors 68030
Selecting private browsing from the file menu in Safari doesn't stick. If you close the window, it reverts to non-private. In Firefox's preferences, you can specify that Firefox wipes cache, cookies, passwords, history, etc. every time you quit the app and that stays and happens every time. Also, you have a great deal of granularity with it (i.e., I can keep my cookies but dump the cache and history) whereas Safari's private browsing is all or nothing.
Secondly, the slow down Safari experiences is actually from the AJAX Digg uses on its forums so it's not totally HTML-related. Safari beta 3's handling of AJAX is greatly improved--better than Firefox now, I would say.
BuzWeaver
macrumors regular
Vulnerabilities are a concern, however I can't figure out why with all the innovation that Apple Offers they couldn't have made a Sorting System for Bookmarks. How can you contend in the browser market if your users can't sort their favorites. I simply don't get it. 😕
tutubibi
macrumors 6502a
Well said!
Sad truth is that due to this obsession with security, those "exports" are not doing this to improve security but to gain publicity and increase their consulting fees 😀
I don't understand why Apple didn't finish this product before releasing it...what was the big rush getting Safari onto Windows? They knew it would be torn apart immediately, so why not wait until it's totally ready and secure?
Earendil
macrumors 68000
...
I'm honestly speechless. Do you know a thing about software development? I don't actually expect you to, that' sokay, as long as you don't pretend to.
Take it from a guy who spends 40+ hours a week testing software and qualifying it for release.
What you just said means that the group developing the software has 90% of the hardware that this could run on, and has had as much time to spend on each indavidual setup as all of us do with our own personal machines.
It also means that the software team has to THINK like every possible person could think about a problem, and an approach, and prepare for it. This last point being the hardest for a software engineer to anticipate.
They try hard, but there is no way a software team and backup IV&V or QA team can possible test and prepare for all the things a couple thousand/million users will throw at it over the course of a day, a week, or a month.
irishgrizzly
macrumors 65816
I love that, so far, ten people have posted this positive. The headline could be "Apple to join Microsoft" and people would still vote + 🙄
tutubibi
macrumors 6502a
I actually find Safari's private browsing to be a great feature. I often just want to switch to private mode to visit some sites and than revert back to normal mode.
Messenger Problems
It caused problems with the conversation windows in Yahoo messenger - would constantly scroll to the top when the new text was at the bottom. No crashes - and uninstalling it of course cleared up the problem.
It caused problems with the conversation windows in Yahoo messenger - would constantly scroll to the top when the new text was at the bottom. No crashes - and uninstalling it of course cleared up the problem.
But apparently neither do the Security experts. Almost all of the 'vulnerabilities' are really just Bugs - they crash the application!!!!! no more. They DO NOT open your computer to a remote exploit (except for 1). This is FUD, no more.
Infrared
macrumors 68000
The Safari installer package seems to contain a new Dock. If it does
install a new Dock, switching between the beta and the old version
will probably be a bit more involved than simply closing one and
opening the other.
Cheers.
