Mere hours after Apple rolled out the beta version of its Safari on Windows Web browser, security experts claimed to find it riddled with security holes, some of which were serious. Aside from the alleged flaws, Apple faces an uphill battle in putting its browser on the Windows desktop, which is already crowded with competitors like Firefox and Explorer.
MacNewsWorld | 06/13/07
Just hours after Apple (Nasdaq: AAPL) Latest News about Apple announced the beta of its Safari for Windows browser at its World Wide Developer Conference, security Barracuda Spam Firewall Free Eval Unit - Click Here experts poked and prodded and found several vulnerabilities.
"I'd like to note that we found a total of six bugs in an afternoon, four DoS (denial of service) and two remote Manage remotely with one interface -- the HP ProLiant DL360 G5 server. code execution bugs," wrote David Mayor on his Errata Security blog. "We have weaponized one of those to be reliable." Errata Security is a consulting and product testing company, and the "weapon" comment doesn't refer to any intent to use the code for nefarious purposes.
Railed by Readers
Thor Larholm, who blogs on Larholm.com, created a zero-day exploit in two hours and posted it online. "Given that Apple has had a lousy track record with security on OS X, in addition to a hostile attitude towards security researchers, a lot of people are expecting to see quite a number of vulnerabilities targeted towards this new Windows browser," he wrote.
Another security expert, Aviv Raff, ran Hamachi, a program that tests browser integrity. "I wasn't surprised to get a nice crash [a] few minutes later," he wrote on his Aviv Raff On .NET blog.
Many readers of all three of the experts' blog sites posted comments nailing Apple with sarcasm and disdain.
Symantec (Nasdaq: SYMC) Latest News about Symantec, a provider of security tools, posted warnings for three of the most critical vulnerabilities for Safari on Windows on its Symantec Security Response Weblog. "This Safari release is officially a beta release. Even if these vulnerabilities didn't exist, we wouldn't recommend using beta software in a production environment," Symantec noted. "Hopefully many of these bugs will be scrubbed before the official release."
Apple's Challenge
"The browser market on the Windows side is an advanced and skeptical market," Mike Romo, product manager of Symantec's Macintosh Latest News about Macintosh Group, told MacNewsWorld. "The ultimate browser on Windows is Firefox. It's going to be interesting to watch them point out the value proposition of Safari in a very crowded browser market."
Symantec, noted Romo, is particularly concerned about users that might rely on beta software, and Safari for Windows is a case in point. "We think it's something everyone should be know about," he said.
"Apple is going to have to examine security on the Windows side very specifically and succinctly if they are going to succeed. ... The thing with Apple, since they do play their cards close to their chest -- they should have given developers a little notice, at least on the Windows side, so we could have knocked it about a bit and worked on integrating the Safari browser into our product schedule," Romo said.
Emotional Touchstone
Aside from entering an entrenched market against Internet Explorer and Firefox, Apple faces another challenge.
"A browser is a touchstone. Next to e-mail Email Marketing Software - Free Demo, a browser is the most emotional point that a user has in their computer experience. As far as a user's daily interaction, the emotional interaction, of having a finger on the pulse of what's going on in the world, there's nothing more intimate than the browser, so it cannot be stated enough how important security is on the browser, because everybody is using it, and when everybody is using it, everybody is a target," Romo explained.
"I think it's up to all software developers to work hard to prevent vulnerabilities," he added.
What's Next?
Whether or not Apple pushed Safari for Windows out the door too quickly, even though it's a beta product, what's next for the browser's launch? Obviously, Safari is important for Apple's iPhone efforts because Safari for Windows will make it easier for developers to create cross-platform applications Get the facts on wireless solutions suited to your industry. that run in a browser, built against Safari features, for use on the iPhone. Also, because the iPhone is critical to Apple right now, the company will very likely roll out fixes faster than usual.
"I think Apple takes security very seriously, and they have a good track record of making fixes with their security updates," Romo said. "I think it's encouraging that Apple is entering this market because it allows them to experience a different landscape, one where security is such a top-line issue."
MacNewsWorld | 06/13/07
Just hours after Apple (Nasdaq: AAPL) Latest News about Apple announced the beta of its Safari for Windows browser at its World Wide Developer Conference, security Barracuda Spam Firewall Free Eval Unit - Click Here experts poked and prodded and found several vulnerabilities.
"I'd like to note that we found a total of six bugs in an afternoon, four DoS (denial of service) and two remote Manage remotely with one interface -- the HP ProLiant DL360 G5 server. code execution bugs," wrote David Mayor on his Errata Security blog. "We have weaponized one of those to be reliable." Errata Security is a consulting and product testing company, and the "weapon" comment doesn't refer to any intent to use the code for nefarious purposes.
Railed by Readers
Thor Larholm, who blogs on Larholm.com, created a zero-day exploit in two hours and posted it online. "Given that Apple has had a lousy track record with security on OS X, in addition to a hostile attitude towards security researchers, a lot of people are expecting to see quite a number of vulnerabilities targeted towards this new Windows browser," he wrote.
Another security expert, Aviv Raff, ran Hamachi, a program that tests browser integrity. "I wasn't surprised to get a nice crash [a] few minutes later," he wrote on his Aviv Raff On .NET blog.
Many readers of all three of the experts' blog sites posted comments nailing Apple with sarcasm and disdain.
Symantec (Nasdaq: SYMC) Latest News about Symantec, a provider of security tools, posted warnings for three of the most critical vulnerabilities for Safari on Windows on its Symantec Security Response Weblog. "This Safari release is officially a beta release. Even if these vulnerabilities didn't exist, we wouldn't recommend using beta software in a production environment," Symantec noted. "Hopefully many of these bugs will be scrubbed before the official release."
Apple's Challenge
"The browser market on the Windows side is an advanced and skeptical market," Mike Romo, product manager of Symantec's Macintosh Latest News about Macintosh Group, told MacNewsWorld. "The ultimate browser on Windows is Firefox. It's going to be interesting to watch them point out the value proposition of Safari in a very crowded browser market."
Symantec, noted Romo, is particularly concerned about users that might rely on beta software, and Safari for Windows is a case in point. "We think it's something everyone should be know about," he said.
"Apple is going to have to examine security on the Windows side very specifically and succinctly if they are going to succeed. ... The thing with Apple, since they do play their cards close to their chest -- they should have given developers a little notice, at least on the Windows side, so we could have knocked it about a bit and worked on integrating the Safari browser into our product schedule," Romo said.
Emotional Touchstone
Aside from entering an entrenched market against Internet Explorer and Firefox, Apple faces another challenge.
"A browser is a touchstone. Next to e-mail Email Marketing Software - Free Demo, a browser is the most emotional point that a user has in their computer experience. As far as a user's daily interaction, the emotional interaction, of having a finger on the pulse of what's going on in the world, there's nothing more intimate than the browser, so it cannot be stated enough how important security is on the browser, because everybody is using it, and when everybody is using it, everybody is a target," Romo explained.
"I think it's up to all software developers to work hard to prevent vulnerabilities," he added.
What's Next?
Whether or not Apple pushed Safari for Windows out the door too quickly, even though it's a beta product, what's next for the browser's launch? Obviously, Safari is important for Apple's iPhone efforts because Safari for Windows will make it easier for developers to create cross-platform applications Get the facts on wireless solutions suited to your industry. that run in a browser, built against Safari features, for use on the iPhone. Also, because the iPhone is critical to Apple right now, the company will very likely roll out fixes faster than usual.
"I think Apple takes security very seriously, and they have a good track record of making fixes with their security updates," Romo said. "I think it's encouraging that Apple is entering this market because it allows them to experience a different landscape, one where security is such a top-line issue."
0 comments:
Post a Comment