Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Safari Beta Security Slammed; 8 Vulnerabilities Found
- Thread starter yellow
- Start date
- Sort by reaction score
People probably wouldn't be bitching so much if Apple didn't:
1. Put it on their front page. (A Beta should NEVER be advertised to the mainstream user. NEVER.
2. Didn't claim that its the world's best browser.
Apple deserves all the flack they get.
I'm not quite sure I get the fuss about this - the software is not released, as many people have stated. Most people I know are not even aware of it, despite it being bbc.co.uk's top story for a lot of yesterday. The point is a lot of people here are Apple fans and fairly geeky ones at that (no offence intended), so naturally we are Apple's beta testers. Now, we should be pointing out bugs and security holes if we find them, so when Apple include this with every download of iTunes (or at least make it an option - probably the default) it'll be bug-free and as secure as possible.
My experience of Safari on Windows so far is great - particularly as my Mac HD died last week and still haven't gotten it repaired. It's the closest I can be to Mac on Windows. It's obviously buggy, can hang and seems to go really slow if you have it open for a few hours, but I've used it as my default browser since the announcement and it's been quick - dare I say 'snappy'!. I expect to see dramatic improvements. I was using firefox when it was phoenix and firebird and it had plenty of bugs then too.
I'm hoping Apple will update the beta in the next week - I expect the version running in their labs has already solved a bunch of these problems. I'd be gutted if this computer were compromised, but it wouldn't be Apple's *fault*. It'd be Apple's fault if they didn't update the beta regularly, but only time will tell on that one...
My experience of Safari on Windows so far is great - particularly as my Mac HD died last week and still haven't gotten it repaired. It's the closest I can be to Mac on Windows. It's obviously buggy, can hang and seems to go really slow if you have it open for a few hours, but I've used it as my default browser since the announcement and it's been quick - dare I say 'snappy'!. I expect to see dramatic improvements. I was using firefox when it was phoenix and firebird and it had plenty of bugs then too.
I'm hoping Apple will update the beta in the next week - I expect the version running in their labs has already solved a bunch of these problems. I'd be gutted if this computer were compromised, but it wouldn't be Apple's *fault*. It'd be Apple's fault if they didn't update the beta regularly, but only time will tell on that one...
Unlike IE and windows Safari will only have a few issues, the sooner they are found the better for OSX and Windows users as the issues will be repaired and be long gone.
Smile there is light at the end of the tunnel.
The more they find the better.
Smile there is light at the end of the tunnel.
The more they find the better.
I don't know about Opera. IE has had plenty of bugs discovered soon after release.
Firefox is weird in this regard. As an open source project, there are plenty of people who download and the nightly builds on a regular basis. As such, it gets lots of wide-area exposure at phases in development where commercial products are in-house only.
A security hole is a bug, period. Sure, the consequences can be very bad, but so can plenty of other non-security bugs. (Like those that may cause the system to crash before it finishes booting - which happen from time to time.)
A more appropriate question is: "would you ever install beta software of any kind on a production computer that you can't afford to be trashed?" Apparently, the answer for a lot of people is "yes".
A mistake is when you say something incorrect, but you thought it was correct at the time.
An organized smear campaign, based on incorrect information you knew to be incorrect at the time is something altogether different.
Maynor ran his tests using third-party networking hardware, but went to great lengths to claim that all Mac users were vulnerable, even though most Mac users only use the bundled network hardware. There is also a lot of evidence that his videotaped exploit was staged. Go read John Gruber's numerous essays (at Daring Fireball for all the details I don't feel like repeating here.
I'll forgive a mistake. I will not forgive deliberate acts of deception.
You know what you get when you wait that long? You get a final release.
And even then, bugs will be found.
Of course, you are right that there should have been at least one (more?) round of non-public beta testing before this one shipped. Forgetting the security bugs, I found a few obvious bugs within minutes of running my copy. Blatantly obvious bugs should definitely be fixed in-house before a beta is released to the world.
Crashed my Windows system
This makes me very nervous. Think I'll stick to IE
Seems ok in OSX so far
This makes me very nervous. Think I'll stick to IE
Seems ok in OSX so far
Software needs to be designed to be safe, if not there will always be a twist and turn that makes it vulnerable and you have to patch forever.
However to be fair, it is next to impossible to create a web browser that is safe. The functionality required of a browser makes it about the dirties piece of code.
I agree the Windows version is terrible. I love mac so when i saw that safari was available for download in Windows, i jumped on it but i'm so dissapointed now. An error message keeps showing and the pages load so slowly.
Anyway... i ordered my MacBook Pro and it's arriving in two weeks. All i have to do is wait i guess
But i can't wait to switch to mac!!!!
now Apple's beta products have security holes
Yes and there is no excuse for security holes.
Wow...
I'm not sure why so many users are having problems with the new SAFARI BETA. Is it only Windows? I installed it on my Mac at home and two other PC's running XP. Didn't notice many if any problems yet on the Mac version. The PC version I did notice certain pages not displaying properly... thats about it. No crashes etc... but then again all I use the PC for is work. I just report the bugs back to apple... It's not that serious people. Why even download it even you hate Mac software????
I'm not sure why so many users are having problems with the new SAFARI BETA. Is it only Windows? I installed it on my Mac at home and two other PC's running XP. Didn't notice many if any problems yet on the Mac version. The PC version I did notice certain pages not displaying properly... thats about it. No crashes etc... but then again all I use the PC for is work. I just report the bugs back to apple... It's not that serious people. Why even download it even you hate Mac software????
Yes, most all betas have security holes or bugs in them.
Yep. I use to beta test. Do I expect it to be secure? Hell no.
apple needs to shape up, beta or not, if its a public release it should be secure and have almost zero bugs
Like another poster said, "fodder for the haters". Our IT Staff was watching the semi-live summary from WWDC together. There was enough time between postings for us to make comments.
Excerpts from our comments:
The MS propaganda engine will be going into full afterburner. Watch, every possible thing which can be criticized will be. Someone is going to make a big deal about the color scheme, or the transparency opaqueness.
Oh, oh. They are only going to talk about 10 new features. Watch, there is going to be at least one thread about how the 'secret features' are a disappointment.
Safari for Windows? This could be a major coup in the long run. But, Bill is NOT going to like IE challenged by Apple. He could beat-off the small guys, but he cannot do that with Apple.
IE has security built into the application layer, not into the core OS. How will Apple deal with that?
I do not know.
The guys that did the month long Apple ball-busting will be waiting in ambush.
Bummer, they are finished and have not talked about an upgrade to ACD, MP, MBP, Mac Mini, iMac, iPod, iWork, iLife, etc. They will get crucified for that.
Thanks everyone who helped live up to all of our expectations!
Says what standard? Your own little personal one that you made up just now upon contemplation? Or do you have any experience with beta testing or software dev to at least validate that statement? If you do, perhaps you could expound on your point?
Face the music
The sooner we admit that Apple's code is insecure, the happier we'll eventually be. Every single time people are asked to hack into Safari/OS-X in contests, someone succeeds within 24 hours. Apple users don't get viruses only because we're small fish in a big pond. I hope the security researchers continue to find bugs because accepting reality allows Apple to improve the code BEFORE it becomes a problem.
P.S. I hate those security ads. Why is Apple baiting virus writers? No matter how secure my house is, I'm not going to tempt burglars by putting out an ad about my house's security and what a great accomplishment it would be if they could only get inside.
The sooner we admit that Apple's code is insecure, the happier we'll eventually be. Every single time people are asked to hack into Safari/OS-X in contests, someone succeeds within 24 hours. Apple users don't get viruses only because we're small fish in a big pond. I hope the security researchers continue to find bugs because accepting reality allows Apple to improve the code BEFORE it becomes a problem.
P.S. I hate those security ads. Why is Apple baiting virus writers? No matter how secure my house is, I'm not going to tempt burglars by putting out an ad about my house's security and what a great accomplishment it would be if they could only get inside.
Who out there wanted to use Safari for anything serious on Windows?
Despite what Steve Jobs has said, the ONLY reason they released Safari on Windows is because the iPhone dev kit will require it.
They won't take any marketshare with it (nobody is giving up Firefox on windows to run Safari). And it will never have the 3rd party plugin support of IE or Mozilla based browsers. It won't even approach Opera.
If you need more evidence, note that they released the Safari beta before it even supported Proxies. Good god - how can any browser even be remotely considered real if it doesn't support proxies?
You will need Safari to develop for the iPhone. That's why it was ported to Windows. Period.
Do not attempt to use it for anything even remotely important to you.
Despite what Steve Jobs has said, the ONLY reason they released Safari on Windows is because the iPhone dev kit will require it.
They won't take any marketshare with it (nobody is giving up Firefox on windows to run Safari). And it will never have the 3rd party plugin support of IE or Mozilla based browsers. It won't even approach Opera.
If you need more evidence, note that they released the Safari beta before it even supported Proxies. Good god - how can any browser even be remotely considered real if it doesn't support proxies?
You will need Safari to develop for the iPhone. That's why it was ported to Windows. Period.
Do not attempt to use it for anything even remotely important to you.
Actually Apple users don't get viruses because Apple was smart enough to code OX in to prompting even administrative users for an administrative password before installing software. If youre logged into windows as an administrator (the out of the box default) software can be installed with no user intervention.
The small market share does cut down on the number of people trying to get in, but in their default configurations Macs are more secure than PCs
As for Safari, beta software has bugs including security flaws. It happens if you cant deal with it dont install it. That being said, Apple putting a buggy beta on their front page with the title Best Browser Ever reminds me a lot of Gary Hart daring the press to dig up dirt on him right before jumping on a yacht with Donna Rice (hint for the younger crowd: not his wife)
His credibility is still shot since he continues to distort the truth regarding that event and uses his distorted version of that event to justify his admission that he feels absolved of acting in an ethical way in regards to Apple. In other words he admits that he will act in an unethical way in anything regarding Apple.
meh...
for me, the advantages outweigh the security flaws. i don't do online banking and i use a separate browser for online transactions purchases.
safari is much MUCH faster than the previous version.
the new options in the tabs are great - u can move / display in full screen etc.
the find feature in the browser is great - it highlights and changes the font to show you the word you are looking for.
aussie_geek
for me, the advantages outweigh the security flaws. i don't do online banking and i use a separate browser for online transactions purchases.
safari is much MUCH faster than the previous version.
the new options in the tabs are great - u can move / display in full screen etc.
the find feature in the browser is great - it highlights and changes the font to show you the word you are looking for.
aussie_geek
Yeah - sorry, posted before I read everything.
This whole bit of nonsense just strikes me as ridiculous.
No, I was just saying your post backs up what I was saying. No need to be sorry.