Still IE is (one of) the unsafest browsers available and slower than its competitors (Safari, Firefox, Opera, Chrome)
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Security Vulnerability Found in Safari RSS
- Thread starter Habakuk
- Start date
- Sort by reaction score
Still IE is (one of) the unsafest browsers available and slower than its competitors (Safari, Firefox, Opera, Chrome)
well that stinks, I hope Apple gets a solution to this soon! I use Safari RSS feeds all of the time.
Damn. The only reason I use safari over firefox is because of the RSS reader!
This programmer guy could have waited to make the news public
Now hackers will know about it!
Indeed, it seems irresponsible. I guess he told Apple and get sweet F.A. response from them, as Apple seem to do when they get all uppity and haughty.
Its only a security hole, its not even being exploited yet, i could find security holes in almost any piece of software, thats the whole idea of hacking, infact theres no software thats completely secure, and there never will be, so this is just one whole media hype. Probably funded by microsoft or some other open source alternative.
Flaw doesn't list which Safari versions
The problem with this warning is the fact it doesn't specifically test any version of Safari and assumes 10.5 only.
He doesn't mention OS X 10.4 releases.
Safari Developer release runs on 10.4.11+.
Either he addresses the release numbers or he's assuming every system is currently up-to-date and is targeting the latest release of Safari, against the latest 10.5.6.
The problem with this warning is the fact it doesn't specifically test any version of Safari and assumes 10.5 only.
He doesn't mention OS X 10.4 releases.
Safari Developer release runs on 10.4.11+.
Either he addresses the release numbers or he's assuming every system is currently up-to-date and is targeting the latest release of Safari, against the latest 10.5.6.
Um... there really was no standard CSS then either. Sorry to say but as a web developer I would say IE8 misses the mark too. It is a step up but to not be fully compliant after two versions is a mistake, IMO.
And some nostalgia as to why IE6 was the "best"... it was due to monopolistic practices. Windows bundling. you know the thing they got sued for? IE6 came installed for free at a time when huge downloads (multiple MB were a big deal... remember dial-up anyone?). People were to lazy to download netscape... as it was PITA to do out of the box on dial-up. Winning by default is only good if you're Homer Simpson competing with Barney for that last astronaut position.
Anyway I haven't had the foresight to check yet but does this affect webkit? Because i love that browser.
Interestingly, one can set the RSS feed reader to any application, including one that does not handle RSS feeds. Then nothing happens. This is what I did for all our computers since we don't use the RSS feeds anyways and this way if someone accidentally does it is blocked.
Cheers
-Walter
Sugar Mountain Farm
in the mountains of Vermont
http://SugarMtnFarm.com/blog/
http://HollyGraphicArt.com/
http://NoNAIS.org
Cheers
-Walter
Sugar Mountain Farm
in the mountains of Vermont
http://SugarMtnFarm.com/blog/
http://HollyGraphicArt.com/
http://NoNAIS.org
Me neither but I was wandering if Mail use the same system (webkit-ish) for handling RSS?
Not that I use that *function* in Mail but I'm kind of stuck with it...
I agree but I would have to say IE6 is the worst out of all of them (not transparent images, no tabs, and horrible performance with modern ajax and java)
I don't use RSS, but for those who do this looks like something serious as they can access your hardrive just like that. Remember this is for both Windows and Mac safari users
http://brian.mastenbrook.net/display/27
AppleMatt
Okay. The famous and commonly accepted German computer mag publisher "Heise" http://www.heise.de/ brought up the story here in Europe as far as I could notice. Here is the direct link to the original German-language report: Sicherheitslücke in Apples Safari. I would translate "Sicherheitslücke" with "security hole" or "security gap". The linked article in the OP of this thread at heise-online.co.uk is an English-language translation.
http://www.heise.de/security/ (English version http://www.heise-online.co.uk/security/) is or was sponsered by Microsoft. Months ago when I checked it the last time they had a Microsoft logo on that site.
"Heise" is deemed to make very serious and competent journalism. One of the best informed publishers in Europe. They have dedicated hardware and open source software departements. There were detailled reports on the Chaos Computer Club (CCC) Meeting in Berlin end of December with the famous Dev Team.
+1
Among other things I can't stand how Safari handles RSS feeds. It's nice that it shows the number of new posts, but you can't see what is in the list without opening the RSS page in the main window. Same thing with bookmarks. Bleh.
I agree that IE6 sucks, now. But back in the day, I remember IE6 supporting all of these really cool things like *gasp* custom scrollbar colors... and it had a really shiny icon compared to IE5.5
yeah today it downright sucks compared to ANY of the other browsers out there, and MS should have updated it YEARS ago, I'm just saying that back in the day it wasn't so bad. How many programs do you still use from 2001?
Never been too fond of Safari or its RSS support. I use Firefox and NetNewsWire but I hope Apple fixes this in a timely manner.
"Back in the day" I still wasn't using IE except for a very brief period of time, and I still wasn't impressed with it. IE5 edged out Netscape, but by the time IE6 came around I was on other browsers. Konqueror and Mozilla were far more impressive browsers. And Phoenix a.k.a. Firebird a.k.a. Firefox wasn't far off. Oh, and Opera's been around for a very long time. Come to think of it, I think Opera was the first browser I saw with colored scroll bars. Just because you weren't aware of the competition doesn't mean it wasn't there.
Trust me, even "back in the day", IE was mediocre.
Too bad Apple was too busy making sure iFart would work on iPhone to let an exploit so friggingly basic slip through.
But then, you expect that kind of thing from the Mattel of the computer world.
Drama troll.
